BH Consulting prepares HR software company Our Tandem for successful ISO 27001 certification

Company background

Founded and led by former HR professionals, Our Tandem provides a software as a service (SaaS) continuous performance management and employee engagement platform that helps organisations around the world to accelerate the performance of their employees, boost their levels of engagement and enables leaders to become better coaches. The company has already won the ‘most innovative future of work product’ at the HR Technology Congress in Paris and has a global client base across multiple industries.

The business driver to becoming certified to ISO 27001

As part of its core business offering, Our Tandem stores and processes sensitive customer and employee data using cloud infrastructure. Therefore, it believes it has a duty to protect its clients’ and employees’ data and its information assets using the principles of confidentiality, integrity, and availability.

Our Tandem already had some good information security practices but needed support in bringing the organisation to full compliance with the ISO 27001 Information Security Standard. It decided to come to BH Consulting, as a trusted professional security provider, to guide it along the journey to ISO 27001 certification.

BH Consulting’s role in the process

BH Consulting worked closely with Our Tandem to guide it through the core principles of the ISO 27001 certification, helping the company to put a structure and plan in place from the beginning, so the project did not seem too daunting.

• BH Consulting’s team started by conducting a gap analysis exercise to identify areas of the business where Our Tandem might need help
• We held risk management workshops to build the company’s risk register and develop a robust methodology for assessing IT and security risks
• BH Consulting provided training and awareness to the Our Tandem staff, tailored to meet its business and to improve staff understanding of cyber-related threats
• As part of the alignment phase, BH Consulting ensured all policies and additional supporting documentation were in place, filling the gaps where necessary
• We provided specific advice where required to steer Our Tandem towards meeting all requirements of the ISO 27001 standard
• The engagement finished with the implementation phase that included an internal audit to ensure everything was in place.

Following the project, Our Tandem was fully prepared for its certification audit which it subsequently passed with flying colours. It gave Our Tandem great comfort to know it had BH Consulting to lean on at every stage to get guidance and support. The certification requirements contain some jargon but BH Consulting helped to break down the terms and explain them to the Our Tandem team. BH Consulting steered the company through the process and conducted regular meetings, especially as the certification audit approached, giving advice on how to plug any gaps for risks and suggesting preventative actions that Our Tandem could take to meet the brief.

Outcome of ISO 27001 Certification

Our Tandem successfully achieved ISO 27001 certification with what the accreditation body called “a perfect audit”, with no findings. Achieving certification demonstrates that Our Tandem really cares about its clients and the security of data entrusted to the company. It also provides a level of assurance over its security practices. Security has always been to the forefront for Our Tandem, and now the certification means it can show customers with confidence that it takes information security seriously.  With Our Tandem passing the audit, this continues BH Consulting’s 100 per cent success rate in having its clients become certified to the ISO 27001 standard.

Testimonial

“BH Consulting helped guide us towards our ISO 27001 certification and we were delighted with the whole experience from start to finish. We knew becoming ISO 27001 certified was a large piece of work, so having the work laid out for us was invaluable. BH Consulting provided a great level of service, care, and professionalism throughout the project. When the project started, BH Consulting ensured that they did not overwhelm us and laid out where we needed to start from the basics and then continued to guide us as each stage progressed. It was great to have an expert on hand to have regular meetings to discuss progress and next steps. We relied heavily on BH Consulting to guide us throughout the project but in particular when approaching our audit for certification. We had confidence in the project from the beginning thanks to BH Consulting and we are absolutely delighted to now have our ISO 27001 certification. We would definitely recommend BH Consulting to any company thinking of getting ISO 27001 certified.”

Jill Clarke, PMO