Hoppa is a fast growing start up providing data engineering and information management services to the construction sector. By combining an AI-powered SaaS platform with end-to-end information assurance services, Hoppa supports organisations to manage large volumes of complex information more effectively, improving compliance, efficiency, and decision-making.
Challenge
From the outset, Hoppa recognised that strong information security would be critical to scaling its services and earning client trust. But as the business scaled, so did the need for robust, standardised information security.
Manually managing large volumes of documents is traditionally time consuming, costly, and error prone. Many organisations struggle to extract meaningful insights from unstructured data, categorise or maintain accurate records, slowing decision making and increasing costs and compliance risk.
As a growing start up handling sensitive client data, Hoppa needed to strengthen its own information security practices and to ensure they met recognised best practice, to support growth and build trust.
AI Solution
Powered by the latest AI and Natural Language Processing (NLP) techniques, Hoppa’s information management platform automates document processing and information assurance tasks. The system generates structured catalogues and registers with minimal human input, making it more efficient and cost-effective.
One client reported information management tasks being completed 100X faster than an offshore team, delivering major improvements in speed and cost benefits.
BSI’s consultancy support
Through the Innovate UK BridgeAI programme, Hoppa accessed BSI’s consultancy support to better understand and prepare for ISO 27001.
BSI provided a clear, structured framework for applying the standard, helping Hoppa establish a foundation for ensuring that future implementation of its requirements would be proactive and value-additive, rather than retrospective or procedural.
Crucially, this support ensured information security was embedded proactively as the business grows, not bolted on later.
Results and impact
BSI’s consultant confirmed that Hoppa already had some robust information security measures in place but provided guidance on how to enhance them further, strengthening risk identification, assessment, and mitigation. Practical recommendations were provided to enable it to establish a scalable approach to risk management, which was both rigorous and efficient.
As a result, Hoppa now operates with:
- A consistent, scalable approach to information security risk management.
- External validation of its controls, reinforcing the company’s commitment to information security and continuous improvement.
- Increased credibility and trust with clients in its approach to managing sensitive data.
“With the work that we do, strong information security practices are our license to operate. BSI’s consultancy support was a positive validation of our existing information security controls and demonstrates our customer commitment to learning and improving as an organisation,” Tom Goldsmith, CTO & Co-Founder.
Lessons learned and future plans
Moving forwards, as Hoppa continues to scale, ISO 27001 principles will be embedded into future job roles and operational processes. What was once viewed as a compliance exercise is now seen as a strategic framework which drives operational excellence, resilience and client confidence.
BSI’s consultancy support validated that a lot of the controls around information security that we’ve got in place are strong and probably quite advanced for an organization of our size. It also gave us some good strategies to start to reassess in a few months when we come to do another periodic review of this. It was useful to have had the consultancy support, and we have learned a lot from it. We’re very grateful, and we think it has been helpful. We’ve got the report, which is great, and it provides us with an overview of our high-level audit findings.
– Tom Goldsmith, CTO & Co-Founder, Hoppa