AMT-Sybex is a leading provider of enterprise asset management (EAM) and mobile solutions to utilities and critical infrastructure organisations. With over 30 years’ experience, AMT-Sybex combines deep industry knowledge with technical innovation to provide Ellipse, which sits at the core of its EAM solutions, Geofield Cloud and Fieldreach, its fully integrable mobile solutions, as well as a full range of EAM consulting, implementation and managed support services.
To demonstrate its commitment to information security and to meeting evolving client expectations, AMT Sybex pursued and achieved certification to ISO 27001, the International Standard for information security management systems (ISMS).
Governance Strategy and Achievements
Having been certified to ISO 9001 for many years, AMT-Sybex already benefitted from a well-established quality management system (QMS), structured processes, and a culture of continual improvement. Building upon this existing foundation, and supported by strong buy-in from senior management, it has successfully achieved certification against ISO 27001.
The decision to pursue ISO 27001 was driven primarily by increasing client expectations, particularly given AMT-Sybex’s focus on the utilities and critical infrastructure sectors. Working with organisations such as energy providers, water companies and rail infrastructure operators, the Company is required to demonstrate high levels of cyber resilience and information security.
As a result, achieving ISO 27001 has delivered immediate benefits. The ability to demonstrate independently verified information security maturity against a globally recognised framework has significantly reduced friction in client onboarding and enabled the Company to respond more efficiently to tender requirements. This enhanced assurance has strengthened client confidence and is supporting AMT-Sybex’s continued growth within highly regulated and security-conscious markets.
Partnership With URM
Supportive, approachable and responsive
Throughout the ISO 27001 implementation, AMT-Sybex benefitted from clear and responsive support. Regular check-ins from URM provided reassurance that activities were on track, while prompt feedback on documentation and requirements enabled the Company to address gaps efficiently. This, combined with AMT-Sybex's equally responsive and organised approach, enabled the Company to move forward quickly, even during the more intensive stages of the project.
Expertise and practical guidance
URM’s input was particularly valuable in helping AMT-Sybex align ISO 27001 requirements with its existing processes. Following an initial gap analysis and risk assessment, the organisation was able to focus on targeted improvements, rather than duplicating effort. Practical recommendations ensured that requirements were interpreted correctly and implemented effectively, supporting a smooth path to certification.
Thorough pre-audit preparation and readiness assurance
A key element of the engagement was an internal audit and follow-up support provided by URM in the lead-up to both Stage 1 and Stage 2 certification audits. Conducted shortly before the Stage 1 external assessment, the internal audit offered AMT-Sybex a clear view of its readiness, with detailed, practical feedback that was easy to act upon. Post Stage 1, targeted check-in sessions in the build up to the Stage 2 audit ensured that progress remained on track and any outstanding issues were addressed ahead of the certification audit. This structured preparation phase provided valuable reassurance, helping AMT-Sybex approach the certification process with confidence and clarity.
Conclusion
AMT-Sybex’s successful ISO 27001 certification reflects the strength of its existing governance framework, the strong commitment to success by senior management, its receptiveness to feedback on improvements, and its efficiency in closing conformance gaps. URM’s structured, practical and responsive support complemented this internal capability, providing targeted assurance and guidance at key stages of the journey. Together, the collaboration enabled AMT-Sybex to move quickly to certification readiness – from the initial gap analysis and risk assessment meetings in July 2025 to achieving the certificate in March 2026 – resulting in a robust, fit-for-purpose ISMS that supports both current client requirements and future growth.
Whether you are at an early planning stage or preparing for audit and assurance activities, we offer a free introductory call to help you assess risks, responsibilities, and the most proportionate route forward.
A short, free, non‑commitment call can help you clarify scope, understand regulatory expectations, and align your approach across standards such as ISO 42001 and NIST AI RMF. Early guidance often saves time and avoids fragmented compliance efforts.
You do not need a fully defined programme to speak with us. We offer a free, no‑obligation call to help you understand ISO 42001 requirements, assess your current AI governance maturity, and identify practical next steps.

