This accreditation is particularly important to us and highlights our continued commitment to information security and provides assurance to our customers that we have the ability to protect their data and reputation at all times.
An ISMS (Information Security Management System) is a systematic approach to managing sensitive company information so that it remains secure. It includes people, processes and IT systems by applying a risk management process.
To successfully achieve the accreditation we had to demonstrate the following criteria;
- Effective implementation, maintenance and improvement of management system and capability of achieving policy objectives
- Establishment and tracking of appropriate key performance objectives and targets
- A fully implemented internal audit program that demonstrates effectiveness as a tool for maintaining and improving the management system
- Management review process ensures the continuing suitability, adequacy and effectiveness of the management system
- Overall conformance with the requirements of the standard
We will continue to review and enhance our compliance and our retention of ISO27001 is just one key element of this.