Parashift sells its intelligent document processing solution to demanding enterprises, such as banks and insurance in Germany and Switzerland. Their customers are very strict on respecting the privacy of both personal information and health records. While Parashift was already GDPR compliant, customers would ask for proof of ISO 27001 or else required prospective vendors to complete questionnaires with hundreds of questions. Some of those questionnaires took a week of work, with much back and forth with the customer. The time burden was becoming intolerable. ISO 27001 was a requirement.
To begin with, Parashift needed to put ISO 27001 processes in place. “All the policies and controls we needed were right there in the Akitra product, which saved us a lot of time and gave us assurance we were building the right compliance foundation,” said Andreas Isenring, Parashift’s Chief Financial Officer.
Another key need for the company was automating monitoring and evidence collection from third-party services. Akitra provided this, leveraging its suite of 100+ integrations, and also adding a custom integration required by the customer: ClickUp, a cloud-based collaboration and project management tool.
Andreas also found that the Akitra dashboard was a huge help. “It was great to always be able to see what the project status was, where we were making progress, and where things were stuck and needed more attention.”
As for the external audit itself, Andreas said it was very easy. “We were well prepared. So, it took less than two hours of our time to communicate with the auditor, who had access to the Akitra system and the evidence collected and didn’t need to chase us for it. ”
“If I talk to other companies, they say it took them two years from start to finish to complete ISO 27001. With Akitra, it took us four months,” according to Andreas.
One of the significant benefits that Parashift is beginning to see from being ISO 27001 certified is that it is getting short-listed by prospective customers more often and is better poised to close new business. “Without ISO 27001, we were being dropped from competitive evaluations because of our lack of this certification. Now, we’re far more likely to be on the shortlist of vendors with our prospects. Our sales pipeline is much healthier.”