How LifeArc leveraged Xoralia to get ISO 27001 certified
- Olga Sherbakova
Xoralia launches within three days to secure ISO 27001 certification with easy policy access and high employee attestation rates
LifeArc is a self-funding, not-for-profit UK medical research charity, and they specialise in early-stage translation – advancing lab-based scientific discoveries to a point at which they can be developed into the next generation of diagnostics, treatments and cures.
LifeArc operates in a strictly regulated sector where compliance and information security are critical. It is essential that LifeArc’s workforce have easy and effortless access to the latest up-to-date policies and procedures.
Supporting LifeArc’s ISO 27001 certification audit
Providing access to policies and establishing related employee attestation processes was considered to be an important factor in LifeArc gaining ISO 27001 certification, confirming that robust information security management processes and practices are in place.
LifeArc had an upcoming ISO 27001 audit and wanted to urgently improve the access employees have to information security policies and procedures.
Policies were currently being stored across LifeArc’s SharePoint tenant but weren’t always easy to find, with multiple versions of the same policy circulating. Employees found they were wasting time and wanted to be confident that any policy they found was up to date.
Meeting an ambitious three-day deadline
With only days to go to the audit, LifeArc approached Content Formula for guidance on how they could best reorganise their policies and procedures documentation and provide easier access for employees, for example using labelling and relevant document tags to improve findability.
After holding a workshop to understand their needs, we recommended that LifeArc immediately implement Content Formula’s Xoralia policy management solution.
As Xoralia can be installed rapidly and would integrate seamlessly into LifeArc’s existing SharePoint environment and Microsoft 365 digital workplace, we aimed for an ambitious three-day go-live date, meeting the deadline for the approaching information security audit.
Launching Xoralia’s policy management solution in record speed
Working in a close partnership with LifeArc, we worked to get Xoralia live within 72 hours. The project team gathered the latest version of policies and procedural documents from policy owners so these could be easily accessed through Xoralia’s central policy library.
We worked with LifeArc to configure Xoralia with custom labels and tags so that policies can easily be found by employees, either through search or by browsing meaningful categories.
The strong partnership between Content Formula and LifeArc enabled a successful launch to all 500 employees within the deadline.
An easily accessible central policy library that employees trust
Today Xoralia provides easy access to nearly thirty key policies, processes and guidelines relating to information security, risk management, physical security and related topics.
LifeArc, with the help of Xoralia, has successfully achieved their desired ISO 27001 accreditation, providing confidence to regulators and external partners that information security is robustly managed to the highest standards.
Achieving high rates of employee attestation
Employees and consultants working with LifeArc leverage Xoralia’s employee attestation features to confirm that they have read and understood information security policies.
Using Xoralia’s in-built reporting features, teams monitoring compliance can easily trigger further notifications to raise attestation rates; this is already having some success as the charity is now working towards increasing the high 87.5% attestation rate that has already been achieved.
Extending the success of Xoralia
The team are impressed with the impact Xoralia has had. Not only has it helped the charity to achieve ISO 27001 accreditation but also eliminated issues around version control and made it easier for policy owners to keep their documents up to date, with related notifications and clarity over ownership.
It has also saved employees time and increased confidence that the policies accessed are the very latest.
Given this success, the team are now planning to extend the use of Xoralia to focus on their documentation relating to laboratory operations, another area where policies, procedures and guidelines are key.
The story behind Xoralia
Xoralia was built by the team at Content Formula, an intranet and digital workplace consultancy that has built SharePoint intranets for some of the world’s most famous companies. Now, most companies want their policies and procedures on the intranet but they don’t just want to store them there, they also want tools to help better manage them. Over the years we came across just about every single requirement for a policy management system. As this article above explains, there are gaps in SharePoint and so we never built what in our mind was the perfect policy management system.
However, one of our clients challenged us to build something for them that filled all the gaps but still used SharePoint at the back end. We had a great relationship with them and agreed to share the budget to do this, provided we could then market the solution to others. That was in 2019. We’re now on version 3 of Xoralia and the product has grown and evolved a lot.
3 benefits you can expect from Xoralia
Make it easy to find policies
Centralised policy library with powerful search and filtering
Reduce administrative burden
Automations and notifications so that all policy tasks are carried out on time
Demonstrate compliance and best practice
Sophisticated tracking and dashboards to drive and measure compliance.
And lots more!
What our clients say
AppSource review
A great time saver and tool for document management
Tim Galer
IT Coordinator
Hughes
Ideal partner for our regulated environment
Adam Lythgoe
IT Manager
LifeArc
How to get started with Xoralia
Step 1: request a demo
Fill out our form and we will be in touch to arrange a time. You can even book a time yourself.
Step 2: get a price proposal
If you think Xoralia is for you ask us for a quote. This will set out any options you may have.
Step 3: install and launch
We’ll install Xoralia in your environment (or you can do it yourself). We’ll provide training and support to get you up and running quickly
Here's what you'll get
-
Central policy library
-
Search and filter tools
-
Mandatory read policies with attestations
-
Quizzes
-
Notifications and alerts
-
Employee dashboard
-
Line manager dashboard
-
Works on mobile, in Teams and SharePoint
-
New policy creation workflows
-
Policy update workflows
-
Review and approval gates
-
Policy version history
-
Compliance dashboard
-
Audit trail
-
Full reporting
And last but not least:
-
Professional implementation service and support
-
Evergreen software – frequent updates and improvements
-
Comes with our "it just works" support warranty – we’ll fix any bugs, often before you even notice
Ready to get started?
Connect with us to streamline your policy management and ensure effortless compliance.
AppSource review
Uniting excellence in integration and features for seamless policy management
Rian Stuart
IT Manager
TwinStream
