SImplified. Secure. Sustainable.
The only management system you need for your information security, privacy and other compliance work.
In collaboration with
ISMS.online Cloud Software
When it comes to helping our customers with their information security, privacy and business continuity needs there’s only one management system we recommend, ISMS.online.
This simplified, secure and sustainable cloud platform is actually multiple management systems in one.
An Information Security Management System (ISMS)
A Privacy Security Management System (PIMS)
A Business Continuity Management System (BCMS)
An Integrated Management System (IMS)
All tied together with an Enterprise Risk Management system.
So whatever direction your compliance needs take you, you only ever need one platform, with a joined-up view of everything, all in one place.
Lots of happy Kiwi companies are already onboard.
Resilient IT was one of ISMS.online first global partners and know the platform well. We have developed our own localised build which further accelerates implementation. We have regular calls with the UK based team and are constantly collaborating on improvements.
NZ companies have used ISMS.online to gain successful ISO27001 certification with Resilient IT
NZ companies currently implementing ISO27001 using ISMS.online with Resilient IT
Great compliance practice is all about strengthening your position from solid foundations. Start with ISO 27001 then expand your posture to include complementary standards and regulations like ISO 27701, ISO 22301, NZISM, GDPR and more.
- Pre-built regulation, certification, and standards frameworks to meet ISO 27001, ISO 27701, ISO 22301, GDPR, ISO 9001, NIST, NIS Regulations, Cyber Essentials & more
- Create policies, controls, and other information quickly
- See progress and completion of your ISMS at all times
- Facilitate team collaboration
- Visible audit trails with version control management
- Set automated policy reminders and alerts for review
Information Asset Inventory
- Meet the information asset inventory requirements of ISO 27001:2013/17/18 in one secure place
- Bring your inventory to life by connecting it to risks, controls, and supply chain, and take other actions that demonstrate your assets are well protected
- Collect any information about an asset in one place including documents, procedures, discussions and tasks.
- Deliver GDPR requirements for a personal data inventory and show how it all joins up with your broader security protocols
- Effectively manage Information Security Risks, Applicable Legislation, and Interested Parties
- Save weeks of work using our comprehensive risk bank pre-mapped to suggested ISO 27001:2013/17 Annex A controls
- Dynamically link to your Information Asset Inventory, and wider ISMS
- Quickly and easily add your own risks, applicable legislation, and interested parties
- Assign and set review dates
- Treat risks, capture evidence, and retain a full audit trail
- Work dynamically alone or online in teams
Statement of Applicability
- Dynamically populate your Statement of Applicability from Controls
- Includes standard justifications for the inclusion or exclusion of each control
- Follow the links from identified risk and relevant controls, through to the control policy itself and then to the SoA (and in reverse so that your auditor can see the risks associated with the included control too!)
- Dynamically controlled to easily remain in sync with your controls as they are reviewed for inclusion/exclusion
- Share with auditors, or customers, by simply adding them as a controlled user to your online ISMS or export to physical report
Audits, Management Reviews and Corrective Action
- Evidence governance with practical audits & management reviews
- Monitor objectives against KPI’s
- Evidence non-conformities and corrective actions and identify areas for continual improvement
- Manage through proven work processes, retaining information to create a full audit trail to save time later
- Navigate and share easily to reduce management overhead
- Evidence an end-to-end management of incidents and track events and weaknesses, following our proven work processes
- Filter reporting by customisable settings that include notification to regulators and victims in line with EU GDPR
- Manage and drive performance improvements using incident stats
- Handle business continuity & disaster recovery planning
Staff Communication, Training & Awareness
- Collaborate in groups
- Set tasks for specific compliance work
- Improve learning and development
- Elevate employee engagement
- Link to policies & controls
- Demonstrate engagement for impact assessments and consultations
Business Continuity Management
- Meet the requirements of ISO27001 Annex A.17
- Optionally, go beyond to achieve full BCMS certification too
- Track and manage Business Impact Analysis assessments and related risks, vulnerabilities and opportunities
- Manage your incident responses in a simple but powerful workflow
- Describe your approach to ISO 22301 in a dedicated policies and controls area
- Assign roles and responsibilities across your BCMS
- Plan and conduct audits of your management system all in one place
Staff & Supplier Compliance
- Reduce policy fatigue
- One secure and accessible place to manage all policies
- Evidence policies have been read and accepted
- Policy Pack is sent to employees in an easy to read format
- Choose the GDPR standalone or combine with ISO 27001
- Follow the full GDPR regulation as a project framework and capture your evidence, policies and workings to demonstrate compliance
- Follow the UK Office (ICO) approved self-assessment framework and capture your evidence, policies, and workings to demonstrate compliance
- Use our relationship management accounts area to record DPO’s of outsourced partners
- Manage incidents and risks using certified tools and policies
- Conduct Privacy Impact Assessments and evidence findings
Supply Chain Management
- Manage supplier contracts and contacts, and capture the GDPR requirement to hold DPOs for all relevant suppliers
- Create simple links from your disaster recovery plan
- Link accounts to associated risks for ongoing management, fast analysis and improved decision-making
- Monitor and review supplier services with a clear and full audit trail
Strategic Insight from Clusters & Dashboards
- Bring together the visual overview you need to run your ISMS effectively
- Make light of your management reviews and committee meetings to demonstrate you are in control of your ISMS and can be trusted with valuable information.
- Using ISMS.online Clusters you can pull together any initiatives and report around them, and with each initiative area having its own automated reporting and statistics it means no more Excel, Powerpoint or wasting time on reporting performance or chasing on progress.