CASE STUDY

iForce Group

ISO 27001 Implementation and Ongoing ISMS Management for UK Supply Chain Management business, iForce

Overview

iForce Ltd are the UK’s fastest growing supply chain management business, e-fulfilment, carriage management & returns recovery provider.

i3Secure was introduced as a new supplier to iForce in early 2020, during a period of resource challenge for the company. The senior management team were looking for a reliable consultancy to help implement an ISO 27001 Information Security Management System (ISMS). i3Secure was selected as the preferred cyber security supplier because of a commitment to providing value for money, for being flexible and for having deep rooted values – integrity, innovation, and ingenuity. Work began implementing ISO 27001 for iForce in summer 2020.

 

The Challenge

The task was to ensure the iForce Software as a Service (SaaS) offering, Route Genie, was incorporated into an ISO 27001-certified ISMS. Route Genie is offered on license for multichannel retailers seeking carriage management capabilities for their own operations.

iForce required ISO 27001 implementation to ensure future growth of the service and to meet contractual requirements from customers. i3Secure were able to deploy an experienced, CISSP-level qualified ISO 27001 Lead Implementer at short notice (just 3 weeks) to begin the project.

 

Our Solution

Our ISO 27001 Lead Implementer began work by conducting a Gap Analysis against the ISO 27001 Standard to better inform the implementation plan. This involved working with iForce employees and members of the senior leadership team to understand the security posture of the company before any implementation work started.

Our Lead Implementer then created an outline plan for the project and once this had gained appropriate sign off, began implementing the Standard. In preparing the company for Stage 1 and Stage 2 audits with UKAS accredited Certification Body BSI, i3Secure took a hands-on approach to creating policies, standards and procedures to meet mandatory document requirements. This also involved conducting internal audits, management reviews, continuous improvement activities and working with software developers to create “Secure Development Processes”.

The Result

The successful completion of Stage 1 and Stage 2 audits was a fantastic result for iForce and for i3Secure it was another well earned success story for the client. During the implementation of ISO 27001, our consultant had quickly become the go-to person in the company for all cyber security and data privacy matters. Following a successful partnership during implementation, we were asked to provide ongoing ISMS support and maintenance for a further 12 months. This relationship has continued to work extremely well, evident by the recent (2022) extension of the support and maintenance contract for their ISMS and the direct award of further work including UK GDPR Assurance projects and cyber security training workshops.

At a Glance 

  • i3Secure helped lead iForce to successfully complete both stage 1 and stage 2 audits
  • Our team were asked to provide ongoing support on information assurance and data privacy
  • Extended relationship through UK GDPR Assurance projects and cyber security training workshops provided by i3Secure

i3Secure have helped us overcome a number of information security and data privacy obstacles, they have provided innovative solutions and have always reacted in a timely manner. It is an honour to have i3Secure support our team and we look forward to continuing our working relationship with i3Secure.

Aman Sahota, Senior Test Analyst, iForce Group

Looking for ISO 27001 Consultancy?

Discover more about our implementation and ongoing ISMS support services.
  • Access to ISO 27001 qualified Consultants
  • Support business case definition and ISO 27001 certification planning
  • Fully customised ISO 27001 Policy and Documentation Frameworks
Find out more