rready is a B2B SaaS platform for innovation management that works with large enterprises and organizations with over 3,000 employees. The company prides itself on IT and information security because its customer base requires rready to store innovations, ideas, and patents.

Vinz Leuenberger, the company’s CPO, was facing mounting pressure from its growing customer base to prove the security of their platform with official certifications with frameworks such as ISO 27001.

“As we matured, our client base demanded to not only tell them we’re secure and have policies in place but to prove it through a third-party certification.”

When the opportunity arose to partner with a US-based enterprise client, Vinz realized the urgency of obtaining certification quickly. 

“We had an enterprise US customer, and they required us to have an ISO 27001 certification. It was crucial to get this deal in. We were under a huge time pressure and needed to complete the certification process very quickly.”

Vinz and his team had no prior experience with ISO 27001 compliance, and founders in their network told them that the certification process could take months — potentially hindering rready’s ability to close this enterprise deal.

“Everyone warned me that ISO 27001 certification would be a long and difficult process, often taking months and months to complete. Hearing that feedback left us feeling quite anxious and overwhelmed, especially since we knew we had what we needed in terms of security measures.”

rready needed to achieve ISO 27001 certification on a tight timeline, meet their client’s procurement requirements, and onboard 42 new employees—all while focusing on maximizing efficiency and optimizing resources to support the growth of their startup.

Vinz contemplated working with consultants to support the company’s certification goal, but quickly realized it wasn’t an ideal use of their resources. After speaking with other automation platforms, he felt unsure about their commitment to the project. In contrast, Vinz was impressed with Secureframe’s vision to support the company throughout the ISO 27001 certification process.

“With Secureframe, we could see exactly what we were getting and the end result. The other providers we spoke with couldn't show the same level of commitment.”

The onboarding process was fast and effective, allowing 42 employees to quickly complete compliance requirements such as completing background checks, reviewing and accepting policies, and completing security awareness training. 

“The most important feature to us was efficient employee onboarding. All of our personnel had to complete training, upload their CVs, and so on.”

Secureframe stood out by streamlining employee onboarding through automated reminders and notifications, ensuring seamless management of a rapidly growing workforce. 

“Employees had a deadline for each task, and they automatically received reminders to ensure they did it. That was super important for us.”

Vinz and his team partnered with Prescient Security for their ISO 27001 certification audit, leveraging the audit firm’s familiarity with the Secureframe platform. This partnership significantly reduced time-consuming back-and-forth communication and streamlined the audit process, as all necessary compliance evidence was easily accessible.

“The audit was extremely efficient. It was four to five times faster than if you would go through constant auditing meetings. If the auditor reaches out to verify something, you can easily pull up the evidence and discuss it with them.”

Vinz was also impressed with how Secureframe automation simplifies ongoing compliance management. Clear visibility into how their security controls mapped to ISO 27001 requirements and control performance allowed him to maintain a straightforward, organized path to certification without any guesswork, freeing him up to focus on other business areas.

“I know what evidence I have to collect and which controls and policies I have to manage. When we go into our surveillance audit next year, it’s already clear who on the team needs to do what. Everyone is kept accountable.”

rready’s DevOps lead was also enthusiastic about the AWS integration and the ability to automatically gather technical evidence, which helped save time and reduced tedious manual work.

“Secureframe’s integrations make audit preparations significantly faster by automatically fetching the evidence. You have everything you need to prove compliance at a glance when you show it to the auditor. That’s a really big upside.”

rready achieved ISO 27001 certification in just six weeks, helping it successfully close their new enterprise client.

“The main selling point is the time to certification—you’re talking weeks, not months. And it comes with a price that’s affordable and reliable.”

Additionally, ISO 27001 compliance with Secureframe helps them cut 1.5 days from the vendor procurement process by eliminating the need for extensive security questionnaires.

“Before using Secureframe, we had to answer lengthy security questionnaires for each customer and go very deep on these answers because we did not have security certifications. On average, I spent a full day per deal to complete questionnaires, and then you have follow-up calls and meetings. Now, I save a full day and a half per deal going into procurement.”

Faster procurements mean that Vinz and his team have sped up their deal cycle by 2-3 weeks. 

“You don’t have to manage extra review cycles. You can assert to the lead that you have evidence of a strong security posture that he can take to their internal IT, which helps a lot. We save two or three weeks of extra back and forth on every deal.”

ISO 27001 certification also gives rready a significant competitive advantage, allowing them to quickly grow in a competitive global market.

“Now that we have our ISO 27001 certification it’s easier to grow and scale, especially with enterprise organizations. We win deals because of our ISO 27001 certification, especially against other providers who do not have it, which we hear regularly.”

Vinz believes in the power of using Secureframe to quickly achieve compliance, improve accountability, and maintain strong security practices. 

“The evidence gathering, collection, and keeping each other accountable is huge. And it comes at an affordable price. But it’s not just that you save a lot of money; you can bring in the energy and invest yourself. Secureframe provides the tools to get there.”