Case Study: International Law Firm

ISO 27001 certification is now a must for many organisations, especially those that gather and store large volumes of sensitive data.

This globally recognised certification can be granted to businesses in a wide range of industries, and at CRMG we had the pleasure of working with an international law firm specialising in construction and insurance law in its effort to apply for and achieve ISO 27001 certification.

The company was mature in its approach to cybersecurity but knew it had work to do if it was to meet the requirements needed for approval.

An essential step in achieving ISO 27001 certification is having an Information Security Management System (ISMS) that applies to the enterprise and covers offices, people, assets and third parties. When the company approached us, it did not have an ISMS in place.

There were other challenges to overcome, too. The geographies in the scope of the company’s ISMS were diverse with each having its own local business demands and different levels of cybersecurity maturity. There was also a need to highlight the benefits of gaining commitment and motivation for certification from the different business units.

To learn more about how CRMG worked with the international law firm to support its ISO 27001 certification, and the result of the collaboration, read the full case study below.

➡️ CRMG Case Study

The Cyber Resilience Act: Implications for Businesses

Strong cyber security is crucial for companies across all industries as cyber attacks become more sophisticated and pervasive. In response

Understanding the Fifth Chapter of DORA

The Digital Operational Resilience Act (DORA), introduced by the European Union, is a critical piece of legislation designed to strengthen

Understanding the Fourth Chapter of DORA

The fourth chapter of the Digital Operational Resilience Act (DORA) is designed to ensure that financial entities can withstand, respond

Meet Our Leadership Team.

At CRMG, our senior leadership team brings a rich history and deep expertise in cyber security. Spearheaded by consultants who are influential figures in the industry, our leaders are highly networked and well-established, with backgrounds in the ‘Big- Four’ firms.

LEARN MORE

Simon Rycroft

CO-FOUNDER AND CEO

Former Head of Consulting at the ISF. On a journey to bring accessible risk management to growing enterprises.

Nick Frost

CO-FOUNDER AND CHIEF PRODUCT OFFICER

Former Group Head of Information Risk, PwC. Motivated by the need to implement cyber risk principles for the real world!

Dan Rycroft

DELIVERY DIRECTOR

Former Head of Delivery, Cyber Security at DXC. Delivers risk-based cyber security programmes with maximum efficiency.

Matt Brett

DELIVERY LEAD – CYBER RISK SOLUTIONS

Former Portfolio Director, Tech Security & Risk, GSK. Specialises in implementing efficient, pragmatic cyber risk solutions.

Martin Tully

DELIVERY LEAD – GOVERNANCE AND COMPLIANCE

Twenty years’ experience in delivering fit-for-purpose cyber governance initiatives.

Louis Head

CONSULTANT – GOVERNANCE AND COMPLIANCE

An expert in everything ISMS-related, and how compliance works in practice.

Guy Asch

COMMERCIAL DIRECTOR

A seasoned Commercial Director, driving P&L business leadership through innovative strategies.

Ryan Hides

DELIVERY LEAD – THIRD PARTY RISK MANAGEMENT

Project Management and Six Sigma expertise. Specialises in turning effective third party risk management into a scalable reality.

Sarrah Ahmed

HEAD OF MARKETING

Bringing over 17+ years of marketing expertise, passionate about crafting innovative marketing campaigns.

Case Study: International Law Firm

Book A Meeting.

From Us To You.
Explore Our Resources.