Zylpha Ltd is a software development company focused on the legal profession. Its widely acclaimed document bundling tool allows users to create electronic document bundles, often for use in court. Document bundling is Zylpha’s primary product, but they also provide integration software for Lexis Nexis Visualfiles™, along with software products for point solutions such as electronic signatures, integration to the Land Registry and others.

The electronic document bundling from Zylpha has become the industry standard in its field due to its speed, efficiency, and ease of use – but also because of its robust security and rigorous compliance.

Information security is of paramount importance to Zylpha and its clients, especially because of the legal industry in which it operates and the imminent launch of its SaaS (Software as a Service) offering. Clients in Zylpha’s new US and Australian territories demand ISO 27001 certification as a prerequisite.

“We needed to get our ISO 27001 certification implemented and in place within a short lead-time for a product launch, and also to futureproof our compliance for expansion into other global territories. RightCue worked closely with us from the outset, going the extra mile to ensure this critical deadline was met and delivered within budget. They worked closely with us every step of the way and continue to provide invaluable support to optimise our information security strategy.”

Tim Long

CEO & Founder, Zylpha

Seeking ISO 27001 consulting services for ISMS implementation

ISO 27001 is a globally renowned international standard on how to manage information security. It details requirements for establishing, implementing, maintaining and continually improving an information security management system (ISMS) – the aim of which is to help organisations make the information assets they hold more secure.

Zylpha asked RightCue Assurance to become its ISO 27001 implementation partner. They needed ISO 27001 consulting services to help them to operate compliantly and successfully in new international markets, as well as in the UK.

Challenges

As Zylpha prepared for a product launch of its electronic legal document bundling software, ISO 27001 certification was required within tight timeframes.

How RightCue’s expertise helped Zylpha achieve ISO 27001 certification fast

Acting as Zylpha’s ISO 27001 implementation partner, RightCue supported Zylpha throughout the complete ISO 27001 certification process as follows:

  • Complete gap analysis of the current documentation, including all policies.

  • Development of a project plan, listing each task/owner within a ‘roadmap’ flagging checkpoints and roadblocks.

  • User-friendly policies provided, featuring practical solutions to audit paperwork maintenance.

  • Comprehensive technical risk assessment and treatment plan for the entire business, coaching and assisting Zylpha to ensure risk assessment was established as the core of the ISMS.

  • Coaching for managers to help them understand their role in secure data management and the implications of their actions.

  • Access to specialist RightCue resources to aid their security programme and support implementation of new IT controls, e.g. website infrastructure and API testing, pentesting and source code review, ISMS training, review of Azure.

  • Mock certification audit followed by a pre-Stage 2 audit.

  • Liaison with certification body to ensure Stage 2 was completed before the Australian launch, ensuring speedy resolution of corrective action plans, which included consulting with the software team at ISMS Online.

  • Regular meetings to monitor progress against deadlines and tackle any issues immediately.

  • Extensive communication and rapid response to queries throughout the ISO 27001 implementation and ISO 27001 certification phases.

Guidance and support enable Zylpha to attain ISO 27001 certification with ease

Getting ISO 27001-certified can seem like an intimidating process, especially when the time schedule is tight and your reputation with new clients is at stake. Zylpha also wanted to make sure they were not just doing a compliance activity but really embedding the management system within the organisation.

Nobody at Zylpha was ever left wondering or worrying about their progress towards ISO 27001 certification because our knowledgeable and supportive experts were in touch with them every step of the way.

  • Zylpha is now fully certified to ISO 27001: Information Security Management.

  • ISMS is implemented and fully integrated into Zylpha’s company processes.

  • ISO 27001 certification has driven positive changes in the business specifically around data security awareness and the development lifecycle.

  • Globally recognisable accreditation maintains the momentum of internal expansion, proving compliance in data handling.

  • Australian product launch was a success and Zylpha is making an impact in an important new territory.

  • Continued advice post-certification helps Zylpha manage the ISMS optimally, getting a better ROI.

Information security is a complex field. We nurtured PRD Technologies’ employees, coaching and advising them along the way. In doing so, they understood their role in secure data management and the implications of their actions.

From building an initial understanding of PRD Technologies’ existing process and risks, to creating thorough and relevant policies and procedures, RightCue consultants supported PRD in the most rigorous and practical ways towards a successful certification.

“Working with Tim was an enriching experience, he was very much invested in the project and wanted to make sure he understood all risks, policies, procedures and controls.

“We debated about efficacy of new controls, controls were implemented not just for compliance but for actually addressing information security needs of the business and its customers.” Sonal Agarwal, Executive Director and Managing Consultant, RightCue.
