TestDevLab helps Mapon to maintain ISO/IEC 27001 and extend the implementation scope

Mapon

Mapon is a fleet management and asset tracking platform. Their professional solutions are designed to meet their clients and partners’ business needs. Mapon provides GPS tracking, fuel control route planning, temperature monitoring, tachograph data management, digital vehicle inspections, asset tracking, video telematics, and other solutions. They also offer a variety of integrations to help companies automate their fleet management and other business processes.

Maintaining an ISO/IEC 27001 Compliant ISMS and Adding an Extension to the Scope

As one of the leading fleet management and asset tracking solutions providers in Northern Europe, Mapon works with a large number of clients who expect them to manage their business and personal data following the best information management principles. To meet these expectations, IT security is particularly important for Mapon, and the need for qualified ISO consultants is just as great. In addition to ensuring that their information security management system (ISMS) complies with all the requirements prescribed by the ISO/IEC 27001 standard—their head office already being certified—Mapon wanted to add a scope extension and certify their branch in Spain and a subsidiary in Finland.

With ample experience and knowledge of ISO standards and their implementation, we were happy to offer our ISO advisory services to Mapon, ensuring they follow the best information management principles and successfully attain an extension of the scope for ISO/IEC 27001.

Introducing TestDevLab - Reviewing Internal Processes for ISO/IEC 27001 Compliance and Performing Internal Audit

When we initially partnered with Mapon, we prioritized open communication to understand their expectations, goals, and pain points. We believe that transparency is key to successful cooperation, so it was important for us to establish this from the start.

Mapon wanted to make sure that they had secure processes and practices in place that would ensure all information assets, like personal data, financial information, and intellectual assets, were secure. The best way to achieve this was by achieving ISO/IEC 27001 compliance and getting an extension to the scope of certification for their Spanish branch and Finnish subsidiary. By meeting requirements and adding an ESP/FIN scope extension for ISO/IEC 27001, Mapon could enhance business resilience, gain a competitive edge, and assure their clients and partners that their data is secure.

To get started, we assigned an experienced ISO advisor who provided advisory services for the successful implementation of the ISO/IEC 27001 standard. As Mapon had already obtained the ISO/IEC 27001 certification for their headquarters, they knew what the certification process entailed. However, to add an extension to the scope of certification, their biggest concern was managing the whole process smoothly and matching their existing business processes to the standard requirements. To alleviate their concerns, our ISO advisor guided them through the process, explaining the requirements and how they could be met.

Following the initial consultation, the next step was to perform an internal audit to assess Mapon’s current processes and evaluate its information security management system. The internal audit allowed us to gain valuable insights into their processes, assess information security risks, propose risk mitigation strategies, and recommend appropriate actions to prevent similar risks in the future. We shared our findings with the client, outlining the steps required to pass the final external audit and achieve full compliance with the ISO/IEC 27001 standard.

Based on the internal audit and in close consultation with our ISO advisor, Mapon was able to restructure its processes, develop comprehensive documentation, and implement a mature information security management system that met all standard requirements. TestDevLab’s involvement and expert guidance were instrumental in Mapon certifying their branch in Spain and a subsidiary in Finland. In doing so, they saw an increase in trust from both clients and partners while strengthening their position within their industry.

TestDevLab will continue to support Mapon in its future business endeavors that involve the acquisition of new companies and their integration into existing business processes. In fact, plans are already underway for Mapon to add these principles to their subsidiaries in Estonia and Denmark. TestDevLab also remains committed to supporting Mapon and is available for consultations regarding upcoming information security management trends, including the rise of AI tools and their impact on IT security.