WHAT IS ISO 27001?
The ISO 27001:2013 (formerly known as ISO/IEC 27001:2005) standard provides a framework for an Information Security Management System (ISMS) that enables the continued accessibility, confidentiality and integrity of information as well as legal compliance. Essential for protecting your most vital assets.
Implementation is an ideal response to customer and legal requirements such as the Data Protection Act and potential security threats including:
- Cyber crime
- Personal data breaches
- Vandalism / Terrorism
- Fire / damage
- Viral attack
ISO 27001 is also structured to be compatible with other management systems standards such as ISO 9001, and it is technology and vendor neutral, which means it is completely independent of any IT platform.
What is an ISMS?
An ISMS is a systematic approach to managing sensitive company information so that it remains secure. It includes people, processes and IT systems by applying a risk management process.
It can help any size organisation within any industry keep business information assets secure.
IS ISO 27001 RIGHT FOR ME?
It’s right for you and your organisation if you need the evidence or assurance that your most important asset is protected from misuse, corruption, or loss.
We have certified organisations to ISO 27001 in a diverse range of sectors including Royal Mail Group, Smart Water Technology, Barcode Warehouse and the Northern Ireland Council for Curriculum, Examinations and Assessment.
“ISO 27001 certification is widely recognised and we regard the Standard as a commercial necessity.” Smart Water
WHAT ARE THE BENEFITS OF ISO 27001?
Customer satisfaction. Give customers confidence that their personal information is protected and confidentiality upheld.
Business continuity. Avoid downtime with management of risk, legal compliance and vigilance of future security issues and concerns.
Legal compliance. Understand how statutory and regulatory requirements impact your organisation and its customers and reduce risk of facing prosecution and fines.
Improved risk management. Ensure customer records, financial information and intellectual property are protected from loss, theft and damage through a systematic framework.
Proven business credentials. Independent verification against a globally recognised industry standard speaks volumes.
Ability to win more business. Procurement specifications often require certification as a condition to supply, so gaining certification opens doors.
“In partnership with NQA, we have developed a rigorous and systematic approach to our information security management.” Nextira One
WHAT IS THE ISO 27001 CERTIFICATION PROCESS?
Application for registration is made by completing the ISO 27001 Quote Request Form. This provides information about your organisation so we can accurately define the scope of assessment.
Assessment to ISO 27001 is undertaken by NQA - this consists of two mandatory visits that form the Initial Certification Audit (explained below). Please note that you must be able to demonstrate that your management system has been fully operational for a minimum of three months and has been subject to a management review and full cycle of internal audits.
Certification to ISO 27001 is issued by NQA and maintained through a programme of annual surveillance audits and a three-yearly recertification audit.
For further information on the audit stages click here.
YOUR NEXT STEPS
Client Success Stories - We've helped thousands of clients to improve performance with standards certification – read their success stories here.
ISO 27001 Training - We have expert ISMS tutors who provide awareness, implementation and auditor training options to suit your needs and budget. These give you the skills to implement, audit and manage an effective information security management system.
Gap Analysis - We can undertake a gap analysis to help you determine the likely workload and timescale for implementing an information security management system that will achieve ISO 27001 certification. You can use this to plan implementation or brief a consultant.
Talk to Us
We can advise you on how to achieve certification, related training, useful resources and finding a reputable consultant.
Contact our business advisors on 080-67740400 or use this form to get a quick quote.