If you're getting ISO certification to keep your clients happy, you're doing it for the wrong reason.
ISO 27001 is a must-have for us to demonstrate to our customers that we don't just advise; we apply the same standards and have the experience to back it up.
I felt it was more of a partnership than an auditor coming in and saying, this is wrong, that's wrong.
No company is bulletproof—not even the Pentagon or CIA. Everyone has been hacked at some point. While we might expect these organisations to be leaders in cybersecurity, we understand that it requires targeted effort required to do that work. That's what has changed the game.
Your auditors were extremely helpful to show and explain to me best practice and really refine and give me great examples of how it can be done.
Southpac’s team took us through a step-by-step, systematic process, which made everything feel logical and manageable.
I'm using it as structure for the business, for bringing in new systems and procedures. It's a good backbone.
It’s about ensuring that our clients are confident they’re dealing with a company that operates at a high standard.
We enjoyed the process, and I would have to recommend it to any business that wants to strengthen themselves in the industry they are in. I think it’s a great benefit for anyone.
It’s not about what we find, it’s about how we deal with what we find. If the system’s broken from an audit finding, it means it’s broken for the business. It means it needs improving.
![It was a really good experience. [Southpac] didn't create any unnecessary hurdles.](https://southpaccertifications.com/hs-fs/hubfs/img_casestudy_aig_628x628px.jpg?width=628&name=img_casestudy_aig_628x628px.jpg)
