The Driver for Compliance
As an industry-leading technology company, Metapraxis enables financial reporting, analysis, forecasting, dashboards, and more for complex organizations through their solutions. Dave Palmer, the Security & Compliance Officer for Metapraxis, recognized the need for cybersecurity compliance in the financial planning and analysis (FP&A) industry.
As an experienced professional with an extensive cybersecurity background, Dave knew Metapraxis would greatly benefit from obtaining an ISO 27001 certification. “ISO 27001 is now an expectation of doing business if you are a third-party supplier handling customer’s financial information,” explained Dave. “As a company, our customers trust us to keep their sensitive information secure and we needed to earn accredited ISO 27001 certification to prove our commitment to security.”
We felt it was important to choose a household name with a great reputation and recognizable logo.”
Dave PalmerSecurity & Compliance Officer for Metapraxis
Searching for the Best Fit
When Dave began his search for a Certification Body, he was looking for a reputable organization with experience in the financial industry and a great deal of ISO 27001 knowledge. “It’s a common belief, that as long as you choose an accredited firm, it doesn’t matter who. The international standard is the same, regardless of who audits you. This is simply not the experience I felt to be true from working closely with customers,” said Dave. “We felt it was important to choose a household name with a great reputation and recognizable logo.”
With a great deal of business done across the pond, Dave was looking for a U.S.-based certification body. “Licensed auditors in the U.S. tend to cost a little more but it was worth the extra investment,” he said. “As part of our selection criteria we also looked at providers with a management platform, or compliance automation software, in order to help streamline the audit process.”
After he conducted his due diligence, Dave knew A-LIGN would be the best fit for Metapraxis, who chose A-LIGN based on its reputation of being the largest issuer of SOC 2 certifications in the world, its ability to provide multiple certifications, and for it’s world-class compliance automation solution, A-SCEND.
Earning an ISO 27001 Certification
As soon as Metapraxis chose A-LIGN as their auditing firm, they immediately started the ISO 27001 audit process. “From day one, A-LIGN’s service has been incredible,” said Dave. “Even prior to signing a contract, the level of support they provided was unmatched.”
He found the audit process to be extremely clear and concise. “A-LIGN’s auditors were very well educated, friendly, helpful and true industry experts,” said Dave. “They didn’t treat compliance as a box-ticking exercise but rather made the experience incredibly beneficial for both myself and my colleagues. We learned a great deal throughout the process.”
With Dave’s lead, Metapraxis successfully completed their ISO 27001 certification in approximately eight months.
Utilizing Compliance Automation Software
With a background in technology, Dave found A-LIGN’s compliance automation software, A-SCEND, to make a positive difference in the audit process. “The ISO 27001 standard is a huge undertaking and A-SCEND absolutely streamlined and simplified the process,” he said. “A-SCEND was a game changer because it allowed me to easily and securely upload evidence, add comments, stay organized with a ‘to-do’ list, keep stakeholders up to date on progress, and better manage the workload.”
Metapraxis plans to maintain their ISO 27001 certification and continue their compliance journey by considering additional certifications such as ISO 27017. And in the future, a SOC 2 report.
“We plan to stick with A-LIGN for all future audits because their team is efficient, supportive and provides exceptional customer service,” said Dave. “Utilizing A-SCEND’s Crosswalk feature will make it easier for us to add additional compliance certifications in the future. I’ll be able to pull up A-SCEND and see how close we are to completing other certifications and reuse evidence across engagements, saving my team a great deal of time.”
To learn more about how A-LIGN can help your organization through a variety of cybersecurity compliance assessments and audits, please visit www.a-lign.com/services or complete this form and an A-LIGN expert will reach out to you within 24 hours.
Metapraxis’ mission is to transform the way businesses use data to drive performance. Their solutions integrate your financial planning, analysis and reporting activities in a powerful and flexible platform, providing an essential backbone for all your decision-making. To learn more, please visit www.metapraxis.com.