Case Study: James Hay Insurance Company achieves ISO 27001 certification with URM

James Hay Insurance Company - Customer Case Study

James Hay Insurance Company Limited (trading as James Hay Partnership) wanted to strengthen and centralise its information security practices by achieving ISO 27001 certification across the organisation. The financial services firm faced constant scrutiny from clients, the FCA and internal auditors, and brought in URM for guidance, including a high-level health check and support on the certification roadmap and risk assessment approach.

URM provided a light-touch advisory service, helping James Hay define its ISMS scope, build a risk register and risk treatment plan using Abriska, and prepare policies, processes and governance structures for certification. As a result, James Hay achieved ISO 27001 certification in March 2015, improved security controls and culture, boosted supplier and incident management, and gained a market differentiator that reassured external stakeholders and made due diligence and audits easier.

James Hay Insurance Company

Jonathon Shehan

Information Security Manager