Our Client, a global software development company, aimed to grow their business, involving major customers from highly regulated markets. This required a solid compliance foundation, so CIGen engaged us to help strengthen their information security and pass ISO/IEC 27001:2022 certification.
We helped CIGen design and build an ISMS that complied with both ISO/IEC 27001:2022 requirements and the company’s operational needs. This allowed our Client to set up cohesive information security practices and get ready for entering compliance-driven markets.
CIGen specializes in Azure Cloud development, AI, and digital transformation services. The company aimed to expand their operations into the regulated markets, which required compliance with ISO/IEC 27001:2022. So, CIGen engaged us to help strengthen their information security posture and ensure that all secure data handling practices were in place.
We developed a step-by-step compliance roadmap and guided the Client through the certification journey. This approach ensured seamless transformation of existing processes and helped CIGen pass the certification audit without nonconformities. Our full-cycle consulting services included:
Compliance with ISO 27001 requires both deep expertise in the regulatory framework and understanding of Client workflows to properly structure, implement, and validate the essential ISMS components. Therefore, we started with stakeholder interviews to discover CIGen’s existing processes and map the framework requirements accordingly.
As off-the-shelf ISMS templates didn’t fit the agile business model CIGen follows, we also closely collaborated with the Client’s engineering and DevSecOps teams to adapt policies and controls to the company’s way of working. As a part of this, we:
The implementation of formal security governance practices often leads to a slowdown in operations. Given GICen’s fast delivery pace, our priority was to prevent any of such delays. Thus, we decided to extend formal policies with practical adjustments and created a custom methodology for achieving ISO 27001 certification.
According to it, we embedded compliance requirements right into the Client’s operational reality and ensured transparent communication of these changes to the team. As a result, we not only minimized frictions in the workflow but helped CIGen foster a proactive security mindset across the departments, through:
Maryan Savka
CEO
CIGen
I'm thrilled to announce that CIGen has officially received our ISO/IEC 27001:2022 certification. This milestone is a testament to our incredible team's hard work and dedication. A huge thank you to everyone who supported us throughout this journey. Together, our commitment to excellence and security has made this achievement possible.
Evgeniy Bachinskiy
Vice President
Sigma Software
Leadership involvement is crucial for establishing an ISMS. Maryan Savka, CEO of CIGen, supported the team from the beginning, promptly addressing roadblocks. With the proactive assistance and guidance of Sigma Software’s lead consultant Yuriy Honcharuk, they ensured the ISMS was effective and seamlessly integrated into the company's operations, so employees didn’t perceive it as a disruption but rather logical steps in the processes.
