A small company providing IT services to dozens of clients primarily in the Financial Sector was aiming to become compliant with ISO 27001 (a globally-recognised system of information security standards and procedures).