Case study · Telecoms infrastructure

The certificates that opened public sector doors

CyPro took FreshWave through ISO 27001 and Cyber Essentials Plus with controls the business could keep passing, renewal after renewal.

Client

FreshWave

FreshWave logo

Outcome

Public sector wins on the back of ISO 27001 and Cyber Essentials Plus

Why certification mattered

FreshWave’s growth plan ran through public sector procurement, and two certificates come up in almost every such tender: ISO 27001 and Cyber Essentials Plus. A connectivity infrastructure company cannot treat either as decoration. If the controls behind the certificates do not match how the business really runs, the gap surfaces at the first renewal, in front of the customers the certificates were meant to win.

What CyPro did

One senior practitioner carried accountability for the entire programme. The gap assessment covered both standards in a single pass, the management system was built around FreshWave’s actual ways of working instead of a bought-in template, and the team rehearsed the questions assessors genuinely ask. When remediation needed specialist hands, engineers and penetration testers from the wider CyPro bench stepped in without a handover tax.

The result

Both assessments passed, and the certificates started paying for themselves almost immediately: new public sector contracts cite them directly. Just as importantly, the controls underneath are sustainable, so each annual Cyber Essentials Plus cycle and ISO surveillance audit confirms the same practices rather than triggering a scramble.

"Their new ISO 27001 and Cyber Essentials Plus certifications won them more public sector work."
Tom Bennett , CTO, FreshWave
3D rocket illustration for booking a free certification discovery call

Take the first step

Get Cyber Essentials Plus without the guesswork

Book a free 45 minute discovery call to scope your certification: what the audit will test, what needs fixing first, and exactly what it will cost. No obligation, no hard sell.