Cranmore Consulting Commits to Information Security with Certification to ISO27001

Based in Holywood, Co. Down, Cranmore develop enterprise quality apps at pace. Their unique mix of project managers and software developers, combined with their bespoke rapid prototyping & development tools deliver high quality web and mobile apps to leading organisations such as ATOS, Fujitsu and many more.

As a leading software development agency delivering world-class software for clients globally, Cranmore understands the critical importance of maintaining a strong cyber security posture to meet the needs of its growing client base.

To guide them on this journey and demonstrate their commitment to information security, Cranmore engaged with Vertical Structure to help them become certified to the ISO27001 standard.

As a testament to our brilliant consulting team, Cranmore previously worked with us to certify their organisation to Cyber Essentials and Cyber Essentials Plus.

The Challenge

In a recent article, the UK Government outlined the important role that secure software development plays in the wider UK cyber security strategy:

“To achieve our aims, we must ensure consumers and businesses feel confident in digital technologies, which means the foundations of our technology must be secure. Software is one of the fundamental building blocks of digital environments: it underpins the operational function of all of our devices, and how they interact with each other in connected environments. Recent incidents such as the 2020 SolarWinds attack and the discovery of the Log4j vulnerability, have demonstrated the widespread impact which insecure software can have on businesses, charities, educational institutions and other organisations operating across the UK - and globally. Strengthening the resilience of software is an important part of strengthening organisational cyber resilience more widely. This will help reduce the cyber threat to the economy and prevent harm to businesses, UK citizens and the UK’s worldwide customers.”

This goes to show that as technology becomes increasingly relied upon by the UK and Global economies, software plays a critical role in facilitating business operations. That said, this also means that software systems and infrastructure are under increasing threat from those seeking to exploit vulnerabilities to cause disruption.

Why Cranmore Chose to Work with Vertical Structure

As a local expert in all matters of cyber security, Cranmore approached Vertical Structure expressing their interest in further advancing their cyber security posture.

More important than simply choosing a local partner, they required a partner who could expertly guide them through the certification process in an efficient manner that would minimise disruptions to their daily operations.

And like many of our customers, the complex appearance of obtaining certifications can be somewhat daunting, in particular ISO27001. This was also a concern shared by Cranmore and therefore presented a requirement for a partner who could simplify the process and deliver it in such a way that would allow their team to easily understand changes and adopt the positive cultural changes that come with it.

Vertical Structure was therefore the obvious choice with a track record of delivering ISO27001 and other consultancy services, as well as our reputation for promoting cyber security culture.

The team at Cranmore were a perfect example of how a commitment to information security can quickly lead to the implementation of ISO27001. The team demonstrated a clear desire to further its cyber security posture, bringing about positive cultural changes along the way. It was a pleasure to work with Cranmore and I hope to work with them again in their future re-certifications.

Tom Shields (Cyber & Information Security Consultant), Vertical Structure

The Solution

Over a period of several years, Cranmore opted for a full suite of our consulting services including certification in CyberEssentials and CyberEssentials Plus and most recently, ISO27001.

The combination of all three has enabled Cranmore to continue its growth, winning bigger business while demonstrating its commitment to information security.


Our brilliant consulting team worked closely with Cranmore, carefully planning out each stage of certification and guiding their team at a pace that wasn’t overwhelming or distracting.

In addition, the cultural changes brought forward as part of the process created many new baked-in security practices and helped sharpen their existing security processes.

Gaining certification to ISO27001, CE and CE+ with Vertical Structure has been a brilliant exercise for our business. It's not just a mark of our security commitment, but it's also enabled us to work with larger customers. A huge thank you to the Vertical Structure team for simplifying the process and guiding us to certification!

Chris Price (Director), Cranmore

How Vertical Structure Can Help You

Vertical Structure can be your guide to ISO27001.

  • Identification of the priority areas for attention to attain ISO27001 standard
  • Development of the appropriate systems and controls
  • Development of the required documentation
  • Transference of knowledge about the relevant threats, industry best practice and recognised standards as well as regulatory obligations
  • Preparation for the audits and, on request, onsite support during the audits
  • Management of the project to prepare the business for the audits within the agreed timeframe and budget.

Through a series of direct engagements and offsite work, our Certified ISO27001 ISMS Lead Auditor will expertly guide your team, and provide practical support, to build out the necessary systems and controls.

Need help?

Email Us
email hidden; JavaScript is required

Or send us a quick message

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.