CASE STUDY
ContractHero's ISO 27001 certification journey with Kertos
With Kertos, ContractHero successfully and efficiently achieved ISO 27001 certification. Our platform assisted ContractHero in the rapid implementation of a certifiable Information Security Management System (ISMS) through automation, pre-built documentation templates, and targeted training. Thanks to Kertos’ expert guidance, ContractHero saved valuable time.
36 %
ContractHero was able to save 36% of the time thanks to Kertos’ automation solution
100 Stunden weniger
The entire certification process was shortened by approximately 100 hours
100 % Erfolg
ContractHero passed the audit on the first attempt, thanks to Kertos.
THE COMPANY
ContractHero: Efficient contract management for renowned companies.
ContractHero is a rapidly growing tech company that helps SMEs manage their contracts more transparently and automatically. With ContractHero’s solution, contract management, document signing, and template creation are simple and intuitive. ContractHero’s clients include renowned companies such as Mercedes Benz, Eurowings, CLARK, and Dorint Hotels & Resorts.
THE CHALLENGE
Expansion of security measures with ISO 27001
In 2023, ContractHero aimed to achieve an even higher level of security through ISO 27001 certification. Although the existing measures were already extensive, the company needed an effective way to set up a certifiable Information Security Management System (ISMS) as quickly as possible for the upcoming audit.
THE PROCESS
Accelerated process with Kertos' automated compliance solution
The implementation process spanned four months, allowing ContractHero sufficient time to prepare for a successful audit. The following steps were carried out by Kertos in collaboration with ContractHero:
1. Initial Assessment: ContractHero conducted a gap analysis to identify areas for improvement using the Kertos platform.
2. Documentation: The company utilized Kertos’ pre-built policy templates to efficiently create the necessary documentation.
3. Employee Training: Kertos provided the required security training for ContractHero’s employees through its platform.
4. Implementation: Under the professional guidance of Kertos’ information security experts, ContractHero implemented the necessary ISO 27001 controls and procedures.
5. Internal Audit: Almost audit-ready! A final internal audit ensured compliance for ContractHero before the official certification audit.
6. External Audit Levels 1 & 2: The final step for ISO 27001 was the actual audit, conducted by Kertos’ network of auditors.
Features used during the process
To achieve ISO 27001 certification, ContractHero utilized the intelligent features of automated ISMS setup with Kertos.
THE IMPACT
ContractHero benefits from successful ISO 27001 certification.
ContractHero has fundamentally improved its information security management system with the help of Kertos and established a strengthened security culture within the company. By systematically implementing the ISO 27001 requirements, streamlining documentation, and providing comprehensive training, the company was able to shorten the certification process by approximately 100 hours and significantly enhance data security measures. Additionally, costs were reduced due to less documentation effort. Moving forward, ContractHero plans to continue optimizing its ISMS with Kertos and adapt to new security requirements on an ongoing basis.