What’s got us talking

Insight
Is your Quality System Dead or Alive? - 6 telling tests from QFactorial
Insight
Why Quality Management is Critical for Start-ups and Growing SMEs
Insight
Award winning clients investing in a quality future
Story
RPD International Fast-track to ISO 13485 for medical device product development
Story
Guildmore Construction Raising standards and supporting growth with UKAS accredited ISO certification

Make an enquiry

To find out more about how Qfactorial can help your business, please get in touch using the enquiry form below or, if you prefer, call us on +44 (0)1256 814111 or email kevin@qfactorial.co.uk to speak to our principal consultant.

Success stories

Nouveau Solutions

Nouveau Solutions provides a range of managed IT support services, including: infrastructure, networks, cloud services, software development and IT security. 

Already mired in excessive documentation, Nouveau realised that they were travelling the wrong path to ISO 27001 certification and QFactorial were called in initially to advise, then to create a new roadmap and a simpler Information Securit Management System (ISMS).

ISO

27001

0

nonconformities; 80% less paperwork

QFactorial Service Offering

Investigation
Advisory
Management systems
ISO certification
Partnering

Implementation

This was a classic case if applying our signature approach: Collaborate, Integrate, Challenge, Improve. The project was re-booted with a comprehensive risk assessment from which we were able to decide on the necessary InfoSec controls. In many cases, existing controls and initiatives were already robust enough to embody in the ISMS, including elements of the company's ISO 9001 and Cyber Essentials approvals. In other cases, controls were developed or enhanced. The resulting ISMS Manual and policies amounted to an 80% reduction in documentation. 

The problem with templates for management systems is that they try to cover every clause, every detail, every eventuality. This leads everybody, especially small businesses, into the trap of over-documentation. It’s better to build a management system from the ground up rather than imposing a grand design from the top down. Start with reality and you’ve at least a chance of finishing there. 

The Outcome

ISO 27001 certification was awarded exactly on schedule, with zero nonconformities. Managing Director, Andy Stevens, summed up the impact of the new ISMS during a management review meeting: “Everybody is thinking differently now, and information security is part of every conversation”. The partnership is continuing via a series of quarterly “health checks” to ensure that the ISMS remains effective and is sustained long after the euphoria of passing the certification audit.  

View all case studies

Q! Feedback

Our ISO 27001 programme had ground to a halt after trying to follow a complex “one size fits all” template without any real expertise in information security management systems. We needed a simpler approach, focused on the important aspects for our type and size of business.

QFactorial worked with us stage by stage, establishing a simple roadmap that our people could understand. They managed the development, implementation and audit processes, engaging the staff without imposing too much on too many at any one time.   

We passed the audit and achieved ISO 27001 on-time, with a usable system, supporting the business and supporting GDPR. We now use this achievement to provide assurance to our customers that we have robust information security systems in place.

Mike Tuson

Non-Executive Director, Nouveau Solutions

Interested in this story?

Speak with a Qfactorial expert

Make an enquiry
Thank you

We have recieved your enquiry and one of our specialists will be in contact with you shortly.