Schedule a Demo
Back to cases overview

How Fendix gets organizations ISO27001 certified with the help of Guardey

We talked to Kilian Houthuijzen, information security consultant at Fendix, about how they help their customers become ISO27001 certified with Guardey.

Please tell us about Fendix.

Fendix was founded in January 2022. We help organizations to safely organize their data and comply with directives such as the ISO27001. The ISO27001 is a European certificate that demonstrates that your organization adheres to all information security requirements.

How does Fendix help their customers get ISO27001 certified?

Getting ISO27001 certified isn’t exactly a walk in the park. Here’s a quick grab out of what organizations are required to implement before they can get certified:

  • ISMS policies and controls
  • Security awareness training for their employees
  • A Statement of Applicability (SoA) document
  • An internal audit

We help organizations execute all the preliminary work they are required to do to get certified. This can either be in a coaching role or by completely unburdening them from all that work. This process takes about six months to complete. During that time, we map out the organization’s current security status, implement a security awareness strategy, and write out all policies and work instructions.

We’re pragmatic and flexible. For example, we can work remotely but are also completely fine with working on location.

When the auditors from the certification institute arrive at the organization’s doorstep six months later, they’ll be completely prepared.

How does Guardey’s security awareness game help with getting organizations certified?

An important part of getting an ISO27001 certification is investing in the security awareness of your employees. A while back, we were trying to set up our own version of a security awareness training in preparation for that. But creating all that new content would have taken us at least 8 hours every single month. That’s just not efficient.

With Guardey, security awareness training becomes affordable and you don’t need to invest any time in setting it up. All you need to do is monitor the performance of your team, which is easy in Guardey’s learning management system. That’s why we often advise our clients to simply use Guardey instead of doing all the heavy lifting of setting up their own training.

I love that Guardey was built on gamification and micro-learning. Users get recurring training content about cyber security every week, which helps them build up knowledge. After each challenge, they immediately get feedback about why their answer was either right or wrong.

Long story short: security officers don’t want to deal with all the hassle of creating the training material for their employees. And with Guardey, they don’t have to.

Don’t let hackers outsmart you

Make sure your employees are prepared to recognize cyber threats with Guardey. Start your 14-day free trial today.

Frequently Asked Questions

What is gamification?

Gamification is adding game elements into non-game environments, such as security awareness training, to increase participation and foster active learning.

What are the benefits of gamification in security awareness training?

Traditional security awareness training can often be dry and boring. With gamification, the complex subject matter is transformed into an engaging and memorable experience.

By integrating game elements such as challenges, quizzes and rewards, it incentivizes users to actively learn. This makes the training more enjoyable and fosters a sense of competition and achievement. This combination drives better retention and application of cyber security knowledge.

Why is it important to train security awareness on a weekly basis?

Research shows that up to 90% of the learnings from yearly or even quarterly training are forgotten within a few weeks. Guardey was built to keep its users aware of cyber threats 365 days a year. The game comes with short, weekly challenges that slowly builds up the user’s knowledge and eventually drives lasting behavior change.

Which topics are covered in Guardey’s security awareness game?

Guardey covers a wide array of topics to train users about all currently relevant cyber threats, put together in collaboration with ethical hackers and educationalists. The topics covered include phishing, remote work, password security, CEO fraud, ransomware, smishing, and much more.

How much time do the weekly challenges take?

Every challenge takes up to three minutes to complete.

Can I use Guardey to comply with the ISO27001, NIS2, and GDPR security awareness policies?

Yes. ISO27001, NIS2, and GDPR all require that all employees receive appropriate security awareness training. Guardey is always up-to-date with the latest cyber threats, policies, and procedures.

Is security awareness training important for all employees, or just specific roles?

Cybersecurity awareness training is crucial for all employees, not just specific roles. Every staff member can potentially be a target or an unwitting entry point for cyber attacks. Training helps create a security-focused culture and minimizes risks for the entire organization.

While certain roles may require specialized training, a foundational level of training should be accessible to everyone.

In which languages is Guardey available?

Guardey is available in English, Dutch, Italian, French, Spanish, German, Polish, Swedish and Danish.

Want to ask more questions?
Get a personal demo

Get the latest resources & news, delivered directly to your inbox.

Anouk CTA Guardey website

Let's protect your business!

  • Try completely risk free
  • 24/7 support
Start 14-day free trial