Why Immediation Chose Drata for ISO 27001 Certification
Immediation is one of the fastest-growing Australian legal tech startups, on a mission to make dispute resolution online accessible, sustainable and equitable. We are pioneers of digital transformation for dispute resolution with the most advanced environments, solutions, and services that truly understand and deliver to the legal specialists who choose us.
The Path to ISO 27001
As a platform that provides video and document services for the legal and dispute resolution industry, we continuously work with confidential and highly sensitive information. Because of that, security is at the forefront of what we do and proving credibility is critical – our customers need absolute certainty in trusting us with their data. While we had implemented controls, we needed a platform that would document and monitor our efforts, simplifying the journey to ISO 27001 certification.
Drata’s level of automation was a clear differentiator in our search for a compliance platform. We needed to start the ISO 27001 process quickly, so having an easy-to-use, intuitive platform that allows you to jump in and get moving was crucial. Other options we researched required a heavy lift that we just didn’t have time for, such as rewriting all of our policies to fit their platform.
Throughout the ISO journey, we leaned on two key services/features in the Drata platform:
With Drata, we’re able to view the real-time status of general security hygiene for new and existing employees. And it was incredibly helpful to have policy acceptance, security awareness training, multi-factor authentication and other measures all available within the Drata platform. We were able to quickly fill in the gaps of where we needed to improve.
Being able to provide our audit partner with access into the platform without having to download and send off documents streamlined the entire process. This was just another feature Drata provided that allowed us to oversee compliance but still focus on the business.
Using Drata easily saved us an excess of $100K a year by not having to bring on additional resources to manage the ISO 27001 journey. Having onboarding features integrated into the platform also shaved weeks off the process and expedited the time for our audit.
Now that we’re ISO 27001 certified, we’re looking at additional frameworks to expand to in 2022, like SOC 2. We’ll be rolling out new features within the Immediation platform so maintaining compliance and updating our policies will be an ongoing priority.