As a business committed to our own cybersecurity and that of our clients, we take pride in external certifications that independently audit and validate our exacting standards. As well as being Cyber Essentials certified, we were one of the first companies in the country to gain the ISO27001:2013 certification after its 2013 overhaul. The ISO27001 standard “specifies the requirements for establishing, implementing, maintaining, and continually improving an information security management system within the context of the organization. It also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organization”. We continue to be audited annually against these standards, which we use as part of our robust cybersecurity practices.
We have just completed our 2021 recertification process with the auditor, sharing our ongoing cybersecurity commitments, as well as reviewing the updates and adaptations we have made to maximise security in dispersed and remote workforces. Each year we must showcase our systems to the auditor, highlight our changes and developments since the previous year, and demonstrate our solutions to emerging threats and issues. At the end of this year’s assessment, the auditor found zero non-conformances, i.e. not a single major or minor issue that contravenes the ISO certification standards. Comments from the auditor are structured against different criteria subsets and included “Excellent” for our Internal Audit Programme, “Well structured” for our Management Review, and overall “demonstrating a significant step forward”.
We are extremely proud to have passed with flying colours, achieving ISO27001:2013 recertification for the eighth year running, sitting alongside our regular systems penetration testing and our Cyber Essentials certification. We are able to pass this knowledge along to our clients, alongside our robust security systems that help clients better protect their own systems. Anyone interested in our advice and support, as well as our systems automation to add an extra layer of protection, should contact the team on 01453 700 800.
ISO27001:2013 certification is an international best practice standard for Information Security. It aims to reduce risk to information data assets and is primarily focussed on confidentiality, integrity, and availability of data. Find out more about our commitment to our clients and your security.