CASE STUDY
How Orianda got ISO 27001 certified in 4 weeks with Secfix

About

Orianda

Orianda, a valantic company, is an SAP consulting company specializing in providing top-tier IT consulting and asset management services for organizations in various industries. Orianda, based in Tägerwilen, has been a reliable strategic partner in SAP Asset Management for over 25 years, combining sophisticated SAP solutions with highly complex customer requirements. They are one of the leading consulting firms specialising in SAP Asset Management in the DACH region and combine end-to-end processes in asset lifecycle management with technological expertise and in-depth industry know-how.

Website

https://www.orianda.com/

Location

Switzerland

Industry

B2B

Employees

51-200

The Challenge

Meeting a tight deadline for ISO 27001 certification to win a contract

When Orianda was looking to submit an offer (RFQ) to a public sector organization, they faced a mandatory requirement—having an ISO 27001 certification. This certification ensures that a company has an information security management system (ISMS) in place, which is a critical criterion for many public sector projects.

Orianda had not been through the ISO certification process before and found the complexity of the ISO 27001 regulations very overwhelming. With a tight deadline of just a few weeks, they needed a solution to guide them through the process efficiently.

The Solution

How Secfix helped Orianda automate ISO 27001 compliance

Orianda turned to Secfix for help. Secfix provided them with a clear roadmap and checklist of what documents they needed to prepare, how to structure their internal processes, and what to expect during the ISO 27001 audit. Secfix acted as an end-to-end support platform for Orianda, from understanding the requirements to preparing the necessary documentation.

Secfix's platform made it easier by automating their current processes and providing templates and reports that were already aligned with ISO 27001 requirements, enabling Orianda to adapt them quickly to their existing processes. Orianda already had numerous IT security processes in place, and with Secfix's assistance, they conducted a gap assessment to determine how to effectively present the evidence for the audit.

Why Secfix

Secfix made ISO 27001 certification in 4 weeks possible for Orianda

Orianda managed to obtain the ISO 27001 certification in just four weeks—an impressive feat in such a short period. A few factors contributed to their quick success:

  1. Secfix Automation & customised Documents: With Secfix monitoring solution, automated checklist, auditor-approved documents and clear guidelines for SMBs, Orianda didn’t need to start from scratch, significantly reducing the time required to comply with ISO regulations.
  2. Collaborative Effort: The HR representative worked closely with their IT counterpart, dividing the workload and ensuring that both the administrative and technical aspects of the certification were covered.
  3. Fast and Responsive Support: The support provided by Secfix, particularly from Fabiola, the CEO, played a crucial role in the process. Whenever Orianda had questions or encountered issues, Secfix’s team was quick to respond and provide assistance.

“Fabiola was amazing. Whenever I wrote her, it took her just seconds to reply. Without her support, it would not have been possible to get certified so quickly.”

Results

ISO 27001 certification brings new opportunities for Orianda

After four intense weeks of preparation, Orianda successfully got their ISO 27001 certification just in time to meet the deadline for the public sector project offer. Though they’re back to their daily work, the certification not only enhanced their chances of securing new business but also improved their internal processes, particularly in device management.“Secfix helped us realize how much benefit we could get from having a proper device management system. As a growing company, this was something we hadn’t implemented yet, and now we see how valuable it can be.”“For marketing, having the ISO certification is great. It’s a big plus for our credibility when dealing with potential clients, especially in the public sector.”Orianda’s successful certification in such a short timeframe showcases how Secfix can be a game-changer for companies pursuing ISO 27001. With the right tools, guidance, and support, even the most complex certifications can be achieved quickly and efficiently.

Secfix provided us with automation and templates for small companies, which saved us a lot of time. We didn’t have to start from scratch and could focus on adapting the documents to fit our company. That’s how we managed to complete the certification process in just four weeks.

Stephanie Bernhard

Team leader human resources and finance