Home Resources Case Studies

SmartWater Case Study

14 August 2014
Keeping SmartWater on the Case - SmartWater is certified to ISO 27001 for its information security management system. 

SmartWater Technology Ltd is an innovative company offering a revolutionary approach to asset protection and crime reduction. A client of NQA for over eight years, they have grown consistently and have started to develop an international presence. Certification to ISO 27001 is a pre-requisite for maintaining high information security management systems and close adherence to the standard is required as SmartWater continues to expand into new markets.

It is of paramount importance for SmartWater to have systems that are clear, precise and absolutely repeatable. There is no room for variation or inconsistency. In this context ISO 27001 is essential.

SmartWater Technology Ltd is the company behind SmartWater, a revolutionary product originally conceived with police use in mind. It was created to provide robust, forensic traceability capable of making criminals accountable for their actions.

Every bottle of the solution is unique and identified by a forensic code, which is stored on a secure database together with the owner’s details. The solution is applied to products: cash in transit, valuable assets or items that the police particularly want to track.

The traceability provided by SmartWater helps the police to identify stolen property, and as a result it acts as a powerful criminal deterrent. Security for this sensitive client data is clearly paramount as is the accuracy of the manufacturing and dispatch processes.

Since the evidence provided by SmartWater may be used in court proceedings it is also essential that every process be conducted precisely every single time.

International recognition

When the company was established all the processes were set up with this degree of precision in mind and the organisation started by working to the Association of Chief Police Officers’ standards (LPS1224).

However, SmartWater is a growing company that is developing an international presence, so it was logical to seek certification to an internationally recognised standard. For this reason, the company has been certified to ISO 27001 for over ten years.

“The certification provides the confidence required by our customers and other stakeholders”, summarises Richard Harris, Senior Systems Manager.

Rigorous standard

“It is essential for us to have systems that are clear, precise and absolutely repeatable. There is no room for variation or inconsistency in our sector. ISO 27001 is excellent in that respect – it is very prescriptive in what you need to do to ensure the highest degree of accuracy.”

Not surprisingly, the company already had robust quality control systems in place when it went for certification, but the speed of growth has necessitated an approach to manage this change.

“We particularly like the risk-based approach taken by the standard because it makes you continually review what you are doing. This is vital for a growing company as we need to be sure that any changes we make do not damage the integrity of the system as a whole” continues Richard Harris.

A commercial necessity

“The certification is widely recognised and we would regard the standard as a commercial necessity for us. More importantly, however, it provides an essential discipline for the organisation – an externally evaluated standard that demonstrates how we remain on top of our quality processes.”

Regular checks

“The auditing ensures we will adhere to the ISO 27001 standard and that we continue to review our process to ensure continual improvement. We have been working with NQA for eight years and in this time we have been audited by highly skilled and proactive auditors. I look forward to the audit visit as an opportunity to spend a day exchanging views and picking the brains of the auditor – it’s always a positive process.”

The company is growing steadily, employing 70 people at the head office in Telford and having recently opened an office in the US. ISO 27001 certification remains at the very heart of the company’s offer, providing an independently evaluated assurance of quality.