ISO 27001 Without Excel – How purple22 Took a New Approach With SECJUR

About purple22

purple22 GmbH is an innovative cybersecurity startup based in Saarland, Germany. Founded by experienced security professionals, the company offers full-service IT security, ranging from penetration testing to the implementation of information security management systems (ISMS) based on ISO 27001.

purple22 takes a hands-on, holistic approach: they don’t just help clients meet regulatory requirements—they help them truly live information security. And that mindset applies internally as well.

“We didn’t just want to sell ISMS solutions—we wanted to live them ourselves and lead by example.”
— Stephan Schmidt, Co-founder & Security Engineer

The Challenge

Before working with SECJUR, purple22 used traditional tools like Excel and Word to manage their ISO 27001 efforts. While they had experience from previous roles, the process was time-consuming, inefficient, and not scalable for a growing company.

We were able to generate our policies extremely quickly with just a few clicks and minimal editing. That saved us valuable time to focus on the technical implementation in our infrastructure.
Stephan Schmidt
Co-founder and Security Engineer

The Solution

SECJUR offered purple22 a centralized platform to build their ISMS—efficiently, digitally, and with full coverage. A key highlight was the automated Policy Generator:

“We were able to create our policies extremely quickly with just a few clicks. There was minimal need for further editing, which saved us a lot of time for the technical implementation.”

Beyond policy creation, purple22 now leverages the platform’s training module, incident management, and asset documentation features—all integrated in one place. The result: less tool-switching, better structure, and more time to focus on what matters.

The Result

Thanks to SECJUR, purple22 was able to build and operationalize their ISMS within just a few weeks. The streamlined policy creation process and centralized system reduced overhead and accelerated implementation.

For purple22, this wasn't just about meeting standards—it was about proving that ISO 27001 can be implemented in a practical and scalable way. Now fully compliant and operational, purple22 is ideally positioned to help its clients achieve information security—with even greater credibility and hands-on experience.

© 2024 SECJUR. All rights reserved.