LiveTiles Upgrades to ISO 27001:2022 with Scrut

Location: New York, USA

Industry: SaaS

The Context

LiveTiles, a SaaS company based in New York, specializes in intranet software solutions. The company aimed to upgrade from ISO 27001:2013 to ISO 27001:2022 certification, requiring an update in their compliance processes. With a limited security team and operations spread out globally, LiveTiles sought a solution to streamline compliance management processes and maintain high standards of security.

Jan Aries Gomez Operations Manager, LiveTiles

“Having Scrut as our compliance partner has been a game-changer for us, especially during our transition to ISO 27001:2022. The support and tools provided by Scrut have streamlined our processes and made our team more efficient.”

Challenges

Upgrading Compliance Amidst Resource Constraints

LiveTiles needed to transition from the 27001:2022 version amidst internal leadership changes. However, certain challenges impeded their path forward.

Navigating Complexity in the New Standard
The transition to ISO 27001:2022 required comprehensive updates to their existing compliance framework. It involved enhancing policies and procedures to align with
the complex new standard. Understanding these new requirements and mapping
existing documentation to the new requirements were significant challenges.

Overcoming Manual Processes and Visibility Issues
LiveTiles previously relied on labor intensive processes, including spreadsheets for tracking compliance tasks and SharePoint for document management. These methods resulted in unaddressed compliance gaps, fragmented visibility of progress, and extended timelines.

Managing Compliance with Limited Resources
With a lean security team, governing compliance processes across a global workforce was arduous and added more burden on an already strained team. The lack of adequate tools for coordination and automation was a shortcoming in achieving compliance efficiently.

The flexibility of Scrut's team, especially accommodating our global team's schedules, has been incredibly valuable.

The Solution

Scrut not only ensured compliance but also optimized processes. Key features of the Scrut platform that made the efficiency possible include:

Centralized Management
Scrut consolidated compliance documentation and tasks, mapping artifacts to controls and linking risks. LiveTiles tracked control status, developments, pending tasks, and critical risks, replacing cumbersome SharePoint folders for streamlined management.

Real Time Dashboards
Scruts real time dashboards gave LiveTiles continuous compliance tracking, visibility into critical risks, and management of action items, artifacts, and version logs. They also enabled real time reporting to leadership, streamlining the entire risk management process.

Collaborative Platform
The platform allowed infosecurity leaders to notify assignees of pending tasks with one click, replacing manual steps. Bi directional integration with Jira enabled sending tickets with remediation steps and cloud issue metadata, allowing engineers to address issues directly.

Favorite Modules

Proven ROI with Scrut:
Download the Full Case Study Now

The Impact

Elevated Security Posture
Scruts monitoring ensured proactive identification of issues, while experts mapped ISO 27001:2013 to 2022, performed gap assessments, reused existing documents, and gathered evidence for new criteria, achieving compliance with minimal disruption to LiveTiles operations.

Efficiency in Processes
Scrut s audit portal let auditors submit findings with context, enabling prompt responses and smoother audits. LiveTiles transitioned from spreadsheet based risk assessments to Scruts dynamic register, improving risk visibility and mitigation.

Improved Collaboration
Scruts centralized platform enhanced team collaboration at LiveTiles through tagging, shared reports, and artifact access. Its 24×5 customer support ensured timely assistance for LiveTiles global workforce, accommodating varied work hours across different time zones.