back to listings SME Profile: Pondergrove Ltd

Pondergrove Ltd

22 Liberty House
The Enterprise Centre
Greenham Business Park
Newbury, Berks
RG19 6HS

Tel: +44 (0) 1635 817309



ISM:  information security management systems specialists

ISM is the information security management division of Pondergrove Ltd.  Based in Newbury with a UK-wide team of associates, Pondergrove has a twenty year track record of successfully designing, developing and implementing management systems which not only achieve certification to international standards but also deliver major operational benefits for our clients, which include both private and public sector organisations.

We are dedicated to the delivery of cost-effective information security solutions for public sector organisations, reinforced by our current * G-Cloud status listing

The three core service areas we offer public sector clients are:

  • Information Security/Assurance Risk Assessment and Management

Delivery of a comprehensive information assurance/security risk assessment of your organisation’s business operation, suitable for ISO 27001 certification and HMG accreditation. Outputs can be used to define content of policies and procedures for the organisation’s management system as well as input to the Risk Management Accreditation Document Set.

* Click here for more information

  • Management System Internal and Supplier Auditing

The service plans and delivers a programme of security and/or service quality audits to confirm whether the organisation’s management system is operating as required. The outputs (e.g. audit programme and audit reports) can also be used to achieve ISO 27001 certification, ITIL compliance and HMG accreditation.

* Click here for more information

  • Management System Design, Development and Implementation

Delivery of a comprehensive, operational management system designed to control the information assurance (IA), security and/or service/quality of cloud services, ensuring that services fully and consistently meet client requirements. Outputs (e.g. policies, procedures, SyOps) can also be used to achieve ISO certification, ITIL compliance and HMG accreditation.

* Click here for more information 

Why use ISM for your ISO 27001 requirements?

Using the comprehensive, but lengthy, ISO 27001 standard as the starting point for your information security journey tends to result in the design and development of systems which are large and lack focus; containing controls that may not be needed, and constraining the business operation unnecessarily.  Although such systems achieve conformance, your staff will probably find them difficult to use, resulting in high implementation and maintenance costs. 

The right way to begin your ISO 27001 journey:

  1. define your corporate aims, values and objectives for managing information security
  2. review your existing operational practices and documented procedures
  3. identify your information assets and the security risks which affect them.

This will ensure that the information security management system (ISMS) contains the minimum of complexity and supports the business whilst meeting the requirements of the Standard.

ISM’s unique approach is based on:

  • five ‘Principles of Management Systems’, also published on the company’s website
  • our application of the continual improvement cycle, which ensures that the cycle works to the benefit of the business rather than merely conforming with the applicable standard.

This time-saving methodology has enabled our clients from both the private and public sectors to implement ISO27001-conformant management systems which are easy to use and based on the requirements of the business rather than the standard, thereby delivering improvements in operational performance.

The success of this approach led to the publication, originally in 2003, of our ‘Guide to achieving ISO 27001 certification’. The Guide has been used by at least a hundred organisations who have obtained ISO 27001 certification.  Please apply for the guide using the link below.

Apply for our Free Guide to achieving ISO 27001 certification


Supplier Locator Free Text Search Area

To find the relevant supplier by company name, product or service, please use the free text search box provided below:

[ Search tip: Separate words with spaces ]

2021 Public Sector Digital Marketing Summit: 22-23 September 2021