Case Study: Brookson achieves ISO 27001 certification with URM

Brookson - Customer Case Study

Brookson, a Warrington-based provider of accountancy and financial services to more than 9,000 contractors and freelancers, wanted to strengthen how it protected client data and IT systems. Although it had strong internal policies already, it needed a formal, risk-based information security management system and ISO 27001 certification to validate its approach and support business objectives. URM was brought in to provide consultancy and training support for the ISO 27001 programme.

URM helped Brookson define the certification scope, run an information security risk assessment using Abriska, refine policies and processes, and prepare staff and leadership for assessment by BSI. The project improved organisation-wide awareness, delivered more consistent policy implementation, and led to a dedicated incident reporting process with more issues being reported and better controls, including tighter visitor access procedures. Brookson also formalised supplier reviews and encouraged key suppliers to align with ISO 27001.

Brookson

Lee Kingshott

Information Systems Director