Home Resources Case Studies

Everflow Tech Case Study

09 July 2021
Everflow Tech is part of the Everflow Group. The Everflow Group has an entirely unique business operating model: they are a tech company (Everflow Tech) that owns their own operating company (Everflow Water).
Standard: ISO 27001 (Information Security Management)

Everflow Tech make water simple through the use of their own bespoke software, which was revolutionary in its ability to generate instant quotes and manage contracts end-to-end. This has boosted profitability for water retailers, such as Everflow Water, by making sales much quicker and processes more efficient and less likely to be impacted by human error.

Earlier this year, Everflow Group ranked third in the FT1000, the Financial Times’ annual list of the fastest-growing businesses in Europe, and has recently been awarded an ‘Outstanding’ 2 star rating with b.co.uk in the Best Companies to Work For survey. Everflow launched in 2015 and now employs almost 100 people across 3 sites, with Everflow Tech occupying one of the sites.

Importance of Data Protection

ISO 27001:2013 is the international standard that provides a framework for Information Security Management Systems (ISMS) to provide continued confidentiality, integrity and availability of information as well as legal compliance.

Everflow Tech understands the importance of data protection and want to make sure they’re living up to the Everflow values and ‘doing the right thing’ by their clients and their customers. They believe this encompasses taking every precaution Everflow can protect the data they handle. Having the continual review in place, holds them to account, ensures they’re up to speed with changes in data handling policies and gives their clients peace of mind.

Facing Challenges

Everflow Tech is a new company, so their strength is that they’re innovative and here to solve a problem, however, their weakness is trust – clients don’t always trust young businesses. This qualification has helped reassure potential clients that Everflow Tech are trust-worthy and have the relevant processes in place.

The company brought Lina, Programme & Project Manager, onboard specifically to manage such processes, and she has been working hard, and continues to work hard to ensure they meet accreditation standards. For ISO 27001, Lina has been working with IT Governance to create robust policies.

The external audit was carried out over multiple days and had two stages, eventually, Everflow Tech passed with flying colours!

“As challenging as this process may seem, it really isn’t that scary when you have the right people to support you along the way.” - Lina, Programme & Project Manager

Lina also commented – “Our Information Security Management System was audited by Tony Bevan. This was my first personal experience with external auditors and Tony completely exceeded my expectations – he made me feel very comfortable and at ease. He was very thorough when checking the documentation and evidence, and he provided constructive advice on how the management system could be improved.”

Enlisting the help of IT Governance

Everflow Tech called upon IT Governance to help them implement their ISO 27001 management system. 

“Max Cartwright was the consultant assigned to our project and he has provided an excellent service. Max has supported us from the very beginning, starting with a gap analysis for the processes required, through to the risk assessment exercise, documentation creation and he always sent timely responses to any questions related to the management system implementation.” - Lina, Programme & Project Manager

Everflow Tech aimed for a quick and smooth process when implementing an ISO 27001, which is why they chose to use a consultant to help along the way.

Find out more about Everflow Tech here.

To talk to a member of our team about your certification needs please contact us.