A flawless security audit, with one trusted partner: How Silverbullet simplified ISO 27001 with LeftBrain

The challenge

Disconnected systems and increasing compliance pressure

Like many scaleups, Silverbullet had grown quickly and organically. While their infrastructure had evolved with the business, internal IT and compliance processes had become fragmented over time.

“We’re a relatively small company, around 85 FTEs (Full Time Employees) and about 110 people overall with contractors worldwide,” explains Joe Goss, Service & Support Manager at Silverbullet. “I’m a one-man band, so I’m generally quite busy. Having to manage multiple vendors for helpdesk and ISO 27001 compliance just wasn’t scalable.”

As a publicly listed company working with major enterprise clients, Silverbullet faced growing scrutiny during RFPs (request for proposals) and security audits.

“Every RFP has a huge section on IT and InfoSec. Even before we get to the data, we’re asked how we manage internal access, risk, and controls. Working with LeftBrain allows us to answer those kinds of questions far easier than we would have done in the past.”

Silverbullet’s ISO 27001 framework was spread across disconnected Excel sheets and folders. It was hard to track progress, harder to keep updated, and nearly impossible to link recommendations back to specific standards.

The solution

Strategic: A single partner for security and IT operations

Silverbullet brought both their IT helpdesk, security operations and ISO 27001 compliance under LeftBrain. It was a strategic move: not just for simplicity, but for effectiveness.

“There were two prongs to it”, says Joe. “One was commercial, the other one was cohesiveness. There are obvious business benefits to having our security and IT looked after by one vendor. Your teams talk to each other and we only have to liaise with one strategist. It makes everything far easier for us to deal with”.

This consolidation created better alignment across infrastructure, access control, security operations and policy management: key components of ISO 27001 success.

Tactical: Smart tools, expert support

We transitioned Silverbullet’s ISO 27001 documentation from spreadsheets and SharePoint into a single custom-built Notion workspace. Everything was mapped to the 2022 standard, with clear dashboards, checklists, and version control, making internal reporting and audit prep seamless.

“The transition to Notion has been an absolute revelation,” Joe says. “It means I can report to our CFO at the drop of a hat instead of saying, ‘I think it’s OK but it’s hard to judge.’”

Alongside compliance, we continue to deliver day-to-day helpdesk support and guidance on infrastructure questions, acting as an embedded extension of their team.

“If we have a question about policy or access or an RFP, I can just Slack someone and get the answer I need, without judgment. That responsiveness has been huge.”

The results speak for themselves

• Zero nonconformities in their ISO 27001 audit
• Faster, clearer reporting to leadership and auditors
• Reduced vendor overhead by combining IT and compliance
• Improved client trust and RFP readiness, enabling continued growth
• On-demand expert support from a team who know their systems inside-out

“If we had a snap audit tomorrow, we’d be able to say what’s done and what’s scheduled. That kind of visibility is amazing. It’s light-touch when you need it, but if the s*** hits the fan, having the weight of LeftBrain behind us is massive.”

And for a fast-moving scaleup, the relationship mattered just as much as the results.

“You’re not a big, unwieldy corporate: you’re agile, trusted, and human. I’d absolutely recommend LeftBrain.”