Noreja implemented ISO 27001 in parallel with ongoing product development and active customer projects, a clear sign of consistent prioritization.
With Kertos, Noreja was able to replace independent documentation using distributed Excel lists. Since then, all relevant information has been maintained centrally, structured and comprehensibly on a platform at any time.
Compared to alternative certification preparation offers, Noreja was able to achieve ISO 27001 certification significantly more efficiently and cost-effectively with Kertos.
Put your compliance on autopilot - both data protection and information security.
About the company
Noreja is an Austrian deep-tech startup specializing in generative process intelligence. The platform enables organizations to contextualize operational data and internal company knowledge and prepare them for the use of Agentic AI. On this basis, companies can analyse business processes in a data-driven manner, precisely identify critical problem causes and solve them in a targeted manner, in a fraction of the conventional time expenditure. Noreja is aimed at companies that want to transform their process management from subjective and time-consuming to data-driven and automated.
The challenge
The biggest challenge during implementation was the combination of several parallel topics: a closely timed product roadmap, a simultaneous change of cloud provider and a lack of dedicated resources in the area of IT security. In addition, new vendors and the exchange of existing tools were constantly being added. In this dynamic environment, there was a risk of quickly losing track of requirements, measures and responsibilities and yet building a solid, auditable ISMS.
The solution
This challenge was solved primarily through close, personal support from Kertos. Noreja had a permanent contact person who accompanied the team throughout the ISO 27001 process and guided them through the individual steps in a structured manner. Continuous support during the course of the project, as well as assistance in finding and selecting a quickly available, qualified auditor, was particularly valuable.
Key components of the solution:
- ISO 27001 Controls: structured on the Kertos platform and fully documented
- Kertos AutoChecks: automatic verification of technical controls to reduce manual effort
- Trust Center: proactive communication of certifications and security standards to customers and prospects
- Personal support: permanent contact person and structured process management through the entire certification process
- Auditor placement: assistance in finding and selecting a quickly available, qualified auditor
The result
The ISO 27001 certification pays off for Noreja, especially in sales: Critical questions about IT security, compliance and GDPR can be answered efficiently through direct reference to the Kertos Trust Center without time-consuming manual document checks in every customer meeting. This increases the reaction speed in the sales process and creates measurable trust among enterprise customers and prospects. For a growing deep-tech startup, this is a real competitive advantage.
Compliance as a Competitive Advantage
Specifically, using Kertos is a major advantage for us in the sales process because it allows us to be faster. Critical questions regarding IT security, compliance, and GDPR are essentially pre-empted by referring to our Kertos Trust Center. This boost in customer confidence has paid dividends so far.
