WHAT IS ISO AND ISO 27001?
The ISO is the International Organization for Standardization, an independent body dedicated to identifying best practices in over 20,000 areas. Once it identifies the best practices in a particular process, the ISO creates standardisation certification programs. These certifications can then be used by any organisation to bring their practices in line with the practices of the best-of-breed organisations in the world.
In our case, we have chosen ISO 27001, which is a comprehensive set of best practices for information security management systems. It is an internationally recognised standard, and means CIS has:
- Examined our information security risks.
- Designed a set of security controls to mitigate these risks.
- Adopted management processes to review these controls on an ongoing basis.
- Conducted an internal audit of the above to test for conformity.
- Had an audit conducted by an ISO accredited external party to test for conformity.
Renewing our certification requires an annual audit to test for continued conformity. This keeps us up to date with best practices and gives our clients confidence in our systems and procedures, so they can depend on us to protect their information and valuable data.
HOW DOES THIS IMPACT CIS?
As IT, Communications, Cloud, Cyber Security, and Data Security are at the very core of the CIS offering, we have committed to adopting a broad set of security best practices, including those governed by ISO 27001.
This certification confirms our ongoing commitment to the security, confidentiality, and high availability of our solutions. It’s important to understand ISO 27001 isn’t just a ‘one-off’ audit, but an ongoing process of continuous improvement, review, and engagement with security standards and processes.
WHAT DOES THIS MEAN FOR CIS CLIENTS?
Things are good indeed for our clients. As CIS works with High-Tech firms, Accountancies, Law firms, Financial firms, Architects, the NHS Digital framework, and other organisations with highly sensitive information, it is critical we maintain the very highest standards.
Through this certification, you not only know we have the appropriate policies, procedures and systems in place to keep your data secure; you also know CIS takes the responsibility of managing your IT seriously enough to subject ourselves to these audits and to maintain these high standards.
You have an assurance we are operating in a professional manner that highly values security, is compliant with an internationally recognised standard, and has been audited by an accredited third party. This certification also provides additional clarity and assurance to you when evaluating the quality, breadth, and strength of our security practices.
DO YOU HAVE MORE INFORMATION ON THE ISO 27001 STANDARD?
We recommend you check out the International Organization for Standardization's (ISO) website. It provides plenty of information on what is covered by ISO 27001.
For more information, please feel free to contact us at 01367 700 555 and speak to our Sales Team, or use our contact us form.