Case studies
/
Researchable
ISO 27001 Implementation

Researchable’s path to data security excellence

Download PDF

Researchable assists researchers and innovative companies in realising data innovations and develops customised software for this purpose. On the one hand, they help researchers set up large-scale scientific research, data collection, data analysis and valorisation. On the other hand, they help companies to do more with large amounts of data. For companies, they develop customised data platforms, machine learning tools and real-time data applications, for example. Researchable is a knowledge-intensive company with a research background. Their scientific background enables them to take an analytical and proactive approach to complex data issues.

Why PuraSec?

Last year, we requested references from various partners and also looked for organisations that could help us with the implementation of ISO 27001. After several discussions, we felt most comfortable with PuraSec. PuraSec had good references and an innovative view of the security world. Because we are innovators ourselves, we immediately clicked.

PuraSec had an experienced team of people and an innovative view of the security world. They guaranteed that they could do it in a short period of time, which was very beneficial to us. Implementing information security can quickly become a monotonous process, but PuraSec had a pragmatic approach that made the implementation better and more interesting.

Because you spend a lot of hours together, it was nice that the collaboration went smoothly. There was an informal atmosphere and all aspects of the system were looked at pragmatically.

Initial situation

Before we came into contact with PuraSec, we were already consciously engaged in information security given the nature of our work. We already had various procedures in place for the secure development of software and the handling of sensitive information. At the end of 2020, we started the process of having our procedures officially certified so that we could clearly communicate our ideas about information security to our clients. The best way to achieve this was to comply with the highest global requirements in the field of information security. We also noticed that existing partners and future clients wanted us to demonstrate that our information security was in order.

Objective

We are very aware of the importance of information security for our own organisation and for our clients. For ourselves, we want everyone at Researchable to be on the same wavelength when it comes to information security. We want information security to be structurally incorporated, from the code we write to the way we communicate and share data with third parties. Because a fully functional Information Security Management System (ISMS) had to be set up, we preferred to do it right the first time. We did not have the specific domain knowledge of ISO 27001 and NEN 7510 certification at the beginning, so it was great that PuraSec was able to support us in this. Thanks to PuraSec's support and checks, we saved a lot of time in our ISO 27001 implementation.

Why is information security a hot topic?
  • Researchable focuses on developing software and data infrastructure that revolves around handling large amounts of data and information. We therefore have a responsibility to handle this data securely, which is why information security has been crucial from the very beginning.
  • As a company, we are growing rapidly, which brings with it risks in the area of information security. Because we now meet the highest standards, we can manage our growth in a safe and structured manner.
  • Existing partnerships and new clients increasingly require us to have our information security certified by an external recognised party.
  • We believe that if you are serious about the software industry, ISO 27001 is a must-have.
  • We believe that as a software developer, you have a responsibility to your clients in the area of information security.
"Because we primarily develop software solutions in which data and data analysis are the common thread, information security is crucial for researchable and our clients."

- EDUARD VAN PAGEÉ, BUSINESS DEVELOPER
Final result

We have made enormous strides in professionalising our organisation. ISO 27001 is now truly part of Researchable's DNA and a new way of working in our daily activities.

Our short-term goal was to become ISO 27001 certified, and we have achieved this. We realise all too well that this is only the beginning and we see ISO 27001 as a continuous improvement process within Researchable. That is why we will always keep moving forward. We have set up monthly checks and are assessed by an external organisation every year.

Experiences

The process went very well and we are extremely happy to have a partnership with PuraSec. It took a lot of work to comply with the standard in every aspect, but because we had made a tight schedule with PuraSec in advance, we managed to implement everything within a few months.

Experience from PuraSec

Researchable is a great young company with a wealth of knowledge and potential in the field. The process went very smoothly and encountered few problems. Thanks in part to its existing knowledge in the field of security, Researchable was able to work quickly and hard to set up the ISMS.

Thanks to the proactive efforts of Frank, Eduard and the rest of the Researchable team, they managed to implement ISO 27001 in a short period of time.

It's also great to see that they want to go just that little bit further than what the standard requires. This will be of great benefit to them in the future!

"ISO 27001 is not a goal, but a process ;)"

- FRANK & EDUARD

Security questions?

We have answers.

Whether you're wondering about compliance requirements, investigating suspicious activity, or just want to know if you're doing enough, we're here to help. No sales pitch, just straight answers from security professionals who've been there.
Contact us
services
Risk assessment
Security compliance
Security Officer as a Service
Pentesting
PURASEC
legal
Need help?
Find us
Partnered with
Logo Privacy Company
© Copyright - PuraSec B.V.