Accelerating Compliance: CargoAi’s Swift Journey to ISO 27001 Certification with Sprinto
Singapore-based CargoAi is known for its cutting-edge, AI-enabled cloud-native platform that serves freight forwarders, airlines, TMS providers, and GSAs. Their innovative ecosystem optimizes air freight operations, ensuring seamless processes and end-to-end visibility throughout the procurement journey. CargoAi is a trusted partner to more than 97 airlines in 128 countries and connects 13,000+ freight forwarders worldwide.
ISO 27001
Singapore
2 months
Time to achieve ISO27001 certification
Improved client responsiveness on RFQs
Reinforcement of information security commitments
Ready to get started?
Challenge
In addition to its role as a marketplace, CargoAi operates as an IT middleware focused on tailor-made integration projects. Acknowledging the pivotal role of cultivating and showcasing top-tier security measures in building trust and encouraging adoption, CargoAi has devoted itself to setting new benchmarks in security practices. Among others, this commitment underpins their innovation projects, aimed at elevating user experiences through security guarantees.
“Given the nature of engagements we undertake, demonstrating high standards of security is key to success. Most of our clients are ISO-aligned. This only made us want to pursue compliance more aggressively and get certified,” notes François-Xavier Gsell, CTO at CargoAi.
Given that ISO27001 stands as a reliable measure of trust and operational dependability, CargoAi was eager to align its practices with this security framework. With an upcoming product launch looming, CargoAi prioritized achieving compliance and obtaining certification, a move aimed not only to solidify trust in the new product but also to reinforce overall organizational security.
Amid the simultaneous launch of CargoWALLET – their new product – CargoAi faced the delicate task of seamlessly enforcing ISO 27001-aligned controls and running control monitoring and validation, both pivotal for achieving ISO compliance. While adhering to the stringent standards of ISO 27001 remained paramount, their central challenge lay in systematically implementing these requirements. In a bid to unburden their team and ensure a structured approach, CargoAi evaluated various compliance management platforms and service providers. They also considered collaborating with security consultants to grasp the nuances of ISO 27001 certification better. Following multiple discussions, CargoAi formulated an ‘Internal Strategy Plan’ outlining crucial steps required to achieve compliance with the standard. However, they recognized that embracing a comprehensive tool offered the optimal route to building and streamlining a security program in time to meet compliance requirements and secure certification in preparation for the upcoming launch.
We began searching for the most advanced platform not only to obtain ISO validation but, more importantly, to have a tool for continuous, automated monitoring to the fullest extent possible. Sprinto quickly emerged as the right choice.
Solution
Sprinto seamlessly integrated into CargoAi’s cloud stack, identifying gaps and necessary activities required for compliance before the auditor’s review deadline. Supported by a well-defined roadmap, marked by time-bound tasks, CargoAi made quick progress toward its certification goals. After completing critical activities across ten sessions, CargoAi shifted to weekly meetings, to track status, and course correct and ensure compliance thresholds.
Leveraging Sprinto, CargoAi successfully connected various functions across the organization onto a unified platform. This centralized and streamlined ISO 27001 processes and procedures, allowing for the centralized publication of policies and the allocation of [compliance] responsibilities to relevant roles. It also facilitated the streamlining of day-to-day operations, including onboarding and offboarding, per compliance best practices.
Backed by an enthusiastic and committed team dedicated to meeting strict timelines, CargoAi, using Sprinto, stayed on track and successfully met the planned deadlines in time for the ISO 27001 certification audit.
Sprinto also played a pivotal role in enhancing security measures by streamlining our processes, particularly in risk assessment and management, establishing more robust security protocols across the board.
Results
Collaborating with Sprinto, CargoAi streamlined its compliance journey, completing the ISO 27001 certification audit within 2 months.
Throughout the process, Sprinto’s real-time compliance dashboard and automated evidence-gathering capabilities played the biggest role in keeping CargoAi on track and audit-oriented. This eventually resulted in successful interactions with auditors and facilitated easy evidence review in due time.
“We now have an efficient platform that automatically monitors compliance across our entire tech stack daily,” exclaims François-Xavier.
Securing ISO 27001 compliance marked a pivotal moment for CargoAi, solidifying its internal security standards and customer commitments. By bolstering the platform’s credibility and fostering confidence, CargoAi is thrilled to stand by standards that render the brand both favorable and formidable.
“We are thrilled to have achieved ISO 27001 certification in such a short time. I am very proud of this achievement for our team as it highlights that our existing policies were very robust, which meant that it was just a matter of certifying that our processes were in line with international standards,” notes François-Xavier.