What’s got us talking

Story
SouthWestSensor ISO 9001 and ISO 14001 for tech start-up
Story
Elgin Energy UK solar energy developer and asset manager
Story
Eseye ISO 27001: 2022 Transition for IoT Services Provider

Make an enquiry

To find out more about how Qfactorial can help your business, please get in touch using the enquiry form below or, if you prefer, call us on +44 (0)1256 814111 or email kevin@qfactorial.co.uk to speak to our principal consultant.

Success Stories

ISO 27001: 2022 Transition for IoT Services Provider

Eseye is a global IoT connectivity services provider with their headquarters in Guildford, Surrey, UK. Their connectivity service portfolio comprises; IoT Workshops; Rapid Device Prototyping; Device Design and Advisory Services; Global IoT Connectivity Managed Services; Device Testing and Validation; Device Certification Support; Deployment Planning and Global Technical Support.

We have worked with Eseye since March 2023 to support their ISO management systems and ISO certifications.

The 2022 revision of ISO 27001 introduced significant changes and challenges even for already certified organisations. With a new control structure and many new controls, transitioning to the new standard is a significant piece of work for client and consultant. Starting with a deep-dive internal audit to re-confirm ISO 27001:2013 compliance, we continued with a detailed gap assessment against the new requirements of ISO 27001:2022. Armed with this information, we created a transition project programme to run alongside other ISO compliance programmes, with the work divided between our two consultants and the Eseye team. The key themes of Confidentiality, Integrity and Availability of information were in focus throughout the project.

3

themes.

93

controls.

QFactorial Service offering

ISO Certification
UKAS Accreditation
Sustainability Strategy
Process Improvement
Audit Services
Advisory Services

Implementation

When we started working with Eseye they already had a robust Information Security Management System (ISMS) in place, with a good history of successful certification audits. QFactorial inherited custodianship of the internal audit programme together with the ISO 27001:2022 transition project. This gave us the opportunity to use the audits to understand the existing controls and to identify the work needed to upgrade to the new standard. It quickly became clear that there was an opportunity to integrate the management system for all ISOs by creating an overarching Management System Manual. The MSM was supported by ISO-specific manuals for Quality, Information Security and the Environment. We developed the manuals whilst at the same time integrating the internal audit programme across all three standards and creating new topic-specific policies as required by ISO 27001:2022.

Integrating ISO management systems is not a new idea, but it’s all a matter of timing. If you are doing the work to upgrade or add ISOs to the system anyway, you may as well integrate the obvious common processes and reduce the future workload (fewer documents, fewer audits, less complexity).

The Outcome

ISO 27001: 2022 certification achieved with zero nonconformities and a single opportunity for improvement. Integrated management system and audit programme established.

I am incredibly impressed with the professionalism and expertise shown by QFactorial in guiding us through the ISO27001 certification process. Their support and guidance were invaluable in ensuring that our company's information security management system met the required standards. Thanks to QFactorial, we now have the confidence to assure our clients that we take the security of their data seriously. I would highly recommend their services to any business looking to achieve ISO27001 certification.

Adam Hayes

COO - Chief Operating Officer

Interested in this story?

Speak with a QFactorial expert

Make an enquiry
Thank you

We have recieved your enquiry and one of our specialists will be in contact with you shortly.