AMT-Sybex is a leading provider of enterprise asset management (EAM) and mobile solutions to utilities and critical infrastructure organisations.  With over 30 years’ experience, AMT-Sybex combines deep industry knowledge with technical innovation to provide Ellipse, which sits at the core of its EAM solutions, Geofield Cloud and Fieldreach, its fully integrable mobile solutions, as well as a full range of EAM consulting, implementation and managed support services.

To demonstrate its commitment to information security and to meeting evolving client expectations, AMT Sybex pursued and achieved certification to ISO 27001, the International Standard for information security management systems (ISMS).

Governance Strategy and Achievements

Having been certified to ISO 9001 for many years, AMT-Sybex already benefitted from a well-established quality management system (QMS), structured processes, and a culture of continual improvement.  Building upon this existing foundation, and supported by strong buy-in from senior management, it has successfully achieved certification against ISO 27001.  

The decision to pursue ISO 27001 was driven primarily by increasing client expectations, particularly given AMT-Sybex’s focus on the utilities and critical infrastructure sectors.  Working with organisations such as energy providers, water companies and rail infrastructure operators, the Company is required to demonstrate high levels of cyber resilience and information security.  

As a result, achieving ISO 27001 has delivered immediate benefits.  The ability to demonstrate independently verified information security maturity against a globally recognised framework has significantly reduced friction in client onboarding and enabled the Company to respond more efficiently to tender requirements.  This enhanced assurance has strengthened client confidence and is supporting AMT-Sybex’s continued growth within highly regulated and security-conscious markets.

Partnership With URM

Supportive, approachable and responsive

Throughout the ISO 27001 implementation, AMT-Sybex benefitted from clear and responsive support.  Regular check-ins from URM provided reassurance that activities were on track, while prompt feedback on documentation and requirements enabled the Company to address gaps efficiently.  This, combined with AMT-Sybex's equally responsive and organised approach, enabled the Company to move forward quickly, even during the more intensive stages of the project.

Expertise and practical guidance

URM’s input was particularly valuable in helping AMT-Sybex align ISO 27001 requirements with its existing processes. Following an initial gap analysis and risk assessment, the organisation was able to focus on targeted improvements, rather than duplicating effort. Practical recommendations ensured that requirements were interpreted correctly and implemented effectively, supporting a smooth path to certification.

Thorough pre-audit preparation and readiness assurance

A key element of the engagement was an internal audit and follow-up support provided by URM in the lead-up to both Stage 1 and Stage 2 certification audits.  Conducted shortly before the Stage 1 external assessment, the internal audit offered AMT-Sybex a clear view of its readiness, with detailed, practical feedback that was easy to act upon.  Post Stage 1, targeted check-in sessions in the build up to the Stage 2 audit ensured that progress remained on track and any outstanding issues were addressed ahead of the certification audit. This structured preparation phase provided valuable reassurance, helping AMT-Sybex approach the certification process with confidence and clarity.

Conclusion

AMT-Sybex’s successful ISO 27001 certification reflects the strength of its existing governance framework, the strong commitment to success by senior management, its receptiveness to feedback on improvements, and its efficiency in closing conformance gaps. URM’s structured, practical and responsive support complemented this internal capability, providing targeted assurance and guidance at key stages of the journey. Together, the collaboration enabled AMT-Sybex to move quickly to certification readiness – from the initial gap analysis and risk assessment meetings in July 2025 to achieving the certificate in March 2026 – resulting in a robust, fit-for-purpose ISMS that supports both current client requirements and future growth.

"
I am pleased to share my experience with the Cyber Essentials Plus (CE+) Scheme. This certification has been invaluable to Case Pilots in helping us protect ourselves from cyber threats. The comprehensive and user-friendly process provided by URM Consulting gave me a deep understanding of the latest threats, vulnerabilities and best practices in cyber security. The assessors were highly knowledgeable, experienced and able to explain each step of the process clearly and concisely. What I particularly appreciated about the CE+ scheme was its relevance to the real world. The training covered not only the fundamental principles, but also advanced techniques and strategies that are used by professionals to protect their systems and data. Achieving the certification demonstrates to our clients that we are committed to cyber security and that we have the knowledge and skills to protect their data. I highly recommend the Cyber Essentials Plus Scheme to any organisation that is serious about cyber security.