All Services

From back-end infrastructure to personal productivity, Ergo has the knowledge and experience to match technology to all our client requirements. Our strength is understanding your business. The end goal is always the same, to make businesses more agile and competitive.

More About Our Services
Managed Services

Focus on your core business and leave ICT operations and management to the experts. From 24/7 service desk support to managing hybrid clouds, Ergo have the depth and experience to meet the most demanding service level requirements and ensure continuous improvement. 

More About Managed Services

Highlighted Services

IT Resourcing

Competition for talented technology professionals is huge, which is why we make hiring more personal, taking time to match the right people to the right roles. Our technical experience and recruiting know-how help find the perfect fit for both parties.  

More About IT Resourcing

Highlighted Services

Consultancy Services

Speed of change demands a new generation of digital investments that will drive business enablement and profitability. We support IT leaders, wherever they are on their digital transformation journeys, with our digital assessment methodology. 

More About Consultancy Services

Highlighted Services

Print and Document Solutions

Our goal is to deliver the best possible print and document service for you, leveraging the latest technologies and innovation to ensure the performance of your print environment is optimised to maximise employee productivity.  We take out costs, add efficiencies, wrap it in end-to-end security and make print integral to digital transformation. 

More About Print and Document Solutions

Highlighted Services


Agility is key to business success and the cloud is where to get it. We offer a wide range of cloud services – public, private, hybrid – and provide the best of both worlds by integrating or migrating legacy systems to streamline the way your IT is consumed. 

More About Cloud

Highlighted Services

Digital Enablement

Ergo provides a clear roadmap for digital transformation with practical steps to make businesses more agile and customer-centric

More About Digital Enablement

Highlighted Services

Mobility and Collaboration

Ergo has provided many of Ireland’s largest organisations with an ecosystem of mobile applications and collaboration services that drive productivity without compromising on security

More About Mobility and Collaboration

Highlighted Services

Software Licensing

Businesses struggle to manage software assets and don’t always get the best value. We can help streamline your software purchasing, simplify deployments and maximise your investments. 

More About Software Licensing

Highlighted Services

Security, Risk and Compliance

Risks around cyber security and data protection are an ever-increasing challenge for businesses. We provide security lifecycle management, from perimeter testing and threat analysis to mitigating the impact of a breach. 

More About Security, Risk and Compliance

Highlighted Services

Microsoft Technology Specialisations

With the largest team of Microsoft IT professionals in Ireland – including two Most Valuable Professionals our expertise spans a comprehensive portfolio of products/services

More About Microsoft Technology Specialisations

Type your query and press the "Search now" button

What is ISO 27001 and Why Do I Need It?

What is ISO 27001 and Why Do I Need It?

Read The Article
What is ISO 27001 and Why Do I Need It?
Return to Blog

What is ISO 27001 and Why Do I Need It?

The field of cybersecurity is changing rapidly, and the challenges faced by businesses are mounting considerably. Couple this together with the fact that the changing threat landscape is also growing rapidly, and these issues are further compounded.

It is now a question of not ‘if’ a business will be attacked, but when. How a business prepares for and reacts to such an attack can affect the business impact, and even, the existence of the business itself.

What can I do to combat this?

One of the aspects of cybersecurity that is very rarely taken into account is compliance. This never gets the same level of attention as, for example, data protection policies. However, it is equally (if not more) important than these other policies and serves as the cornerstone for properly addressing security issues. The goals of compliance can be described quite simply in a few key points; meet regulatory requirements, improve processes, strengthen security and achieve business objectives.

The question most businesses have is: “What is compliance and what does it entail?”. Sometimes the term can be confusing as it relates to two separate, but interconnected considerations; internal compliance and external compliance.

Internal compliance is about how well your employees adhere to your security policies. Analyse how they operate internally - do they avoid malicious websites? Do they adhere to your data classification policy? Do they follow a predefined patching cycle on the company systems?

External compliance refers to how your company adheres to regulations set by regulatory bodies and institutions such as the government, Central Bank of Ireland or the Data Protection Commissioner. There are a number of compliance frameworks and standards and depending on your type of business or the industry within which you operate, you may have come across some of the below: ISO 27001 – SOX – PCI/DSS – HIPAA - GDPR

While the majority of frameworks and standards focus on specific processes or specific parts of the infrastructure, there are some that take into account pretty much everything that could be related to risk, and so provide a holistic view of your business in terms of its security posture. One of the most widely adopted of these standards is ISO 27001.

What is ISO 27001?

ISO/IEC 27001:2013 (ISO 27001) is the international standard that describes best practice for an information security management system (ISMS). Achieving accredited certification to ISO 27001 demonstrates that your company is following information security best practice, backed by an independent, expert assessment of whether your data is adequately protected.

Ok, but why does my business need it?

The answer: there are many reasons your business needs to achieve this. Some of the main benefits are:

  • Reputation: The ISO 27001 certification proves you are taking cyber security seriously and that you have processes and procedures in place to protect your data.
  • New business: We see more and more organisations requiring that their partners and suppliers have approved security certifications in order to do business with them, with this requirement becoming a staple in most tenders and proposal documents these days. 
  • New markets: ISO 27001 has the same value and is recognised in any country because it is an international standard, so it will allow you to easily and seamlessly integrate in to new markets outside your normal domain.
  •  Compliance: Having an ISMS certified by an accredited certification body is indisputable evidence that your organisation complies with many other frameworks and standards, such as GDPR.

So do I need to do all of this on my own? 

Of course not. 

The journey towards ISO 27001 certification can be daunting. That’s why you need to partner with an expert who can ease your concerns, highlight areas to improve and guide you to your end goal. Ergo’s Information Security Consultancy can bring you through this in a concise and transparent way, ensuring your organisation becomes ISO 27001 accredited and help stay GDPR compliant at the same time. Our experienced information security consultants have vast experience in ISO 27001 implementations and will take all necessary steps in order to set up, manage and monitor an effective ISMS. My last piece of advice: download our guide to stay informed and vigilant. In an era where cybercrime and lack of compliance is hurting businesses immensely, it’s important you protect yourself, your staff and your data.

Gain a clearer and better understanding of the ISO 27001 certification by downloading our free 7 step guide here

News and Blog Posts

Vigilance as a Service
Steve Blanche
15 February 2019 • Posted By Steve Blanche Chief Technical Officer

Vigilance as a Service

The speed of digital adoption has been such that we really haven’t previously seen such a drastic cultural...

Read now
Treat Print As Seriously As Other Outsourced IT Functions
David Carthy
04 January 2019 • Posted By David Carthy Technical Solutions Manager

Treat Print As Seriously As Other Outsourced IT Functions

Market research shows that outsourcing continues to grow, no doubt helped by the proliferation of cloud services that offer new...

Read now
Cloud Computing - A Mixed Forecast
News 04 February 2019

Cloud Computing - A Mixed Forecast

Read Now
Why Azure is here to stay: An interview with an MVP
News 21 November 2018

Why Azure is here to stay: An interview with an MVP

Read Now
Managed ICT Services: Diving in Deep
News 06 November 2018

Managed ICT Services: Diving in Deep

Read Now

Subscribe to Our Blog

Scroll to Top