• ISO 27001
  • Provides evidence of complying with the GDPR
  • Allow tenders to public sector organisations
  • Manages the risk of storing valuable digital information

“The entire certification journey to implement ISO 27001 was simple and easy to navigate. We were able to move seamlessly through each stage. Overall, implementing ISO 27001 has been a positive experience that has benefited our business.”

Executive Summary

With ISO 27001, SmartSurvey now have an information security management system that ensures they follow best practice with regards to preventing cyber-attacks and keeping their clients’ data safe.

ABOUT SmartSurvey

SmartSurvey is the UK’s leading online survey tool, providing software to organisations worldwide. They serve customers in the private and public sectors including; IKEA, Metropolitan Police, Norfolk County Council, Parkinson’s UK, Alton Towers, and many more.

Certification Journey

SmartSurvey benefited from our friendly and pragmatic approach, utilising our toolkit to help them build an effective management system with no prior knowledge.

SmartSurvey told us, “the entire certification journey to implement ISO 27001 was simple and easy to navigate. We were able to move seamlessly through each stage.”

Here at BAB, we’re very proud of our auditors. Unlike many of our competitors, we don’t use subcontractors – we can guarantee a consistent and pragmatic approach to auditing.

SmartSurvey felt the benefit of this. They told us, “our auditor was professional and thorough, working through the entire process systematically.”

ISO 27001

In a time when information security is vital for businesses, the ISO 27001 standard is widely regarded as the best way to protect your clients’ data. This is achieved by introducing procedures that are designed to mitigate the threat of cyber-attacks.

SmartSurvey told us this was a core motivation for them. However, ISO 27001 can also open doors. SmartSurvey told us they’ve used it to win some significant contacts.

“Achieving ISO 27001 has been crucial for winning tenders in the government sector where data security is of paramount importance. Security is our most important feature and we take it very seriously.”

Here at BAB, we’re accredited by the United Kingdom Accreditation Service, meaning an ISO certificate from us is guaranteed to be accepted in public sector contracts.


The upcoming General Data Protection Regulation (GDPR) supersedes the Data Protection Act 1998. GDPR creates new requirements for organisations that process EU residents’ personal data and allows authorities to enforce fines of up to 4% of annual global turnover.

SmartSurvey told us, “With GDPR being enforced next May, having ISO 27001 certification will position SmartSurvey in a good place to help ensure security compliance for customers and increase our professional reputation.”

GDPR encourages the use of ISO 27001 to demonstrate that the organisation is actively managing its data security in line with international best practice.