ISO 27001


ISO/IEC 27001 INFORMATION SECURITY

An ISO/IEC 27001 information security management system is a systematic and proactive approach to effectively managing risks to the security of your company’s confidential information.

The system promotes efficient management of sensitive corporate information, highlighting vulnerabilities to ensure it is adequately protected against potential threats. It encompasses people, processes and IT systems.

An ISO/IEC 27001 certification can be achieved by any business of any size, in any given sector, that is looking to enhance the security of its data.

THE PROCESS TO OBTAIN ISO/IEC 27001 CERTIFICATION:

Timeframe: 6-8 weeks

1. Initial Assessment

  • Identify areas of non-compliance
  • Recommend areas of improvement to meet requirements
  • Information is gathered to compile documentation

2. Writing of Documentation

  • Documentation is compiled
  • Compulsory procedures are included, in line with your current business procedures

3. Presentation of Certification

  • Once all requirements are met, the documentation and certificate are presented
  • Company is now certified

 

WHY ISO 27001 CERTIFICATION?

Information is an asset that has value to an organisation and consequently needs to be suitably protected.

This standard will help your company coordinate all your security efforts, both electronic and physical, coherently, cost-effectively and consistently.

The main benefits include:

YOUR BENEFITS:

  • Cost reductions due to avoiding incidents
  • Smoother running operations as responsibilities and processes are clearly defined
  • Improved business image in the marketplace – customers have peace of mind that the company is trustworthy

YOUR CUSTOMERS' & SUPPLIERS' BENEFITS:

  • Working with a trustworthy provider maintains the company’s own integrity in safeguarding its data
  • Instils confidence further down the supply chain, resulting in stronger customer/supplier relationships

YOUR STAFF BENEFITS:

  • Having appropriate access controls in place lowers the risk of accidental exposure of confidential/sensitive information to employees
  • Reassurance that their employer is meeting data handling security guidelines
  • Defines clearly the precise roles and responsibilities of staff

 

ISO 27001 or 22301 implementation problems

Here are 5 tips on how to avoid such situations:

  1. Treat your implementation as a non-IT project - if you treat your project as a company-wide project, most employees won't see it as "just another IT thing" and will therefore understand that, even though they are not responsible for IT, they are responsible for safeguarding their information.
  2. Ask your colleagues where the problems are - if you ask them, you will almost certainly receive feedback on what is wrong with safeguarding the information and what should be corrected. Use your project to correct those issues, and thereby help them.
  3. Find the benefits applicable to them - if you have, for example, a Sales manager, he or she might not recognize the benefits of ISO 27001 right away; but if you explain that this will drastically decrease the chance of information leakage to competitors in a tender process, your valued business will be better protected.
  4. Involve them in writing the documents - if you send them a draft policy or procedure for their review, not only will you get good input, but you will also get their commitment, because they have now taken part in the process.
  5. Teach them - you must systematically explain to your colleagues why information security or business continuity is needed.

 

 
