Increasing the robustness of an Information Security Management System

Resilient is a pioneering provider of smart voice services that help the public and private sector solve strategic continuity, compliance and fraud prevention challenges.

The business made a strategic decision to invest in security for three key reasons:

  • The need to reduce risk
  • The goal for customers to have confidence and trust in Resilient as a safe, secure and professional pair of hands for their critical services.
  • The desire to respond more clearly to customer questions about security.

Resilient engaged Ascentor, part of EMB group, to help guide their security improvement and certification journey. Ascentor supported Resilient to understand and develop their overall Information Security Management System (ISMS) improvement plans and advise on the appropriate frameworks to follow and certifications to achieve.

A staged approach was chosen and successfully implemented across the following three years – starting with Cyber Essentials (CE) and CE Plus, then to IASME (Information Assurance for Small and Medium Enterprises) and finally to ISO 27001.

During the project, Ascentor helped to develop policy documents, an associated management system and designed a governance approach. Throughout the implementation, Ascentor maintained focus on the business benefits rather than simply on achieving certification for the sake of certification.

“For three years, Ascentor acted as our guides when dealing with the ISMS improvement roadmap overall, picking the right certifications to achieve along the way to show benefit to the business and, at the same time, allowing us to gradually and continuously improve our internal processes” said Anton Pasyuta, Project Manager, Resilient plc

 Stephen Smith CEO of EMB Group said “Organisations from all sectors are taking their cyber security risks seriously and seeking to build up their level of cyber maturity.  This makes them more attractive as suppliers and gives them a competitive edge with their customer base. Ascentor specialises in independent cyber risk management which is uniquely tailored to the needs of individual organisations and based on the premise that information security is a powerful business enabler.”