ISO 27001 - Information Security
ISO/IEC 27001:2013 (ISO 27001) is the international standard that describes best practice for an Information Security Management System (ISMS). An ISMS is a framework of policies and procedures that includes all legal, physical and technical controls involved in an organization’s information risk management process. Receiving an accredited certification to ISO 27001 demonstrates that an organization is following international information security best practices. Suppliers and contractors may find that they are increasingly being asked for ISO 27001 certification by clients.
The system promotes efficient management of sensitive corporate information, highlighting vulnerabilities to ensure it is adequately protected against potential threats. It encompasses People, Processes and IT systems. It is a systematic and proactive approach to effectively managing risks to your company’s confidential information. ISMS goes beyond implementing firewalls and antivirus software and keeping computers and servers locked down, by ensuring that the people using the system are well equipped to deal with modern day information security threats.
Our aim is to guide you through your ISO 27001 process with minimal complication and disruption to provide a robust and cost effective route to certification. We minimize duplication of effort where you already have an existing ISO management system in place (e.g. ISO 9001 or ISO 14001). Where needed we will peform an early gap analysis on your system and assess it against the requirements of the standard before you embark on full certification.
Advantages of implementing ISO 27001
- Instil confidence in your clients and staff
- Protect confidential data
- Exchange information securely and improve consistency through procedure and protocol
- Stand out from the competition
- Protection for the company and interested parties
- Reduce risk exposure
- Meet legal obligations
ISO 27001 is the fourth most popular management system after ISO 9001, ISO 14001 and OHSAS 18001 and is the fastest growing system. Each ISO 27001 certification is developed independently for a company’s own specific requirements, so no two certificates will be exactly the same.
We are undergoing accreditation by UKAS (United Kingdom Accreditation Service) during the first half of 2017 and then we will be offering a full certification service. In the meantime we will be performing pre-assessment or gap analysis for interested organisations or making bookings for certifications for those implementing a management system during 2017.