ISO 27001

Your Security is Our Priority

Why Should You Use An ISO 27001:2013 Accredited Supplier?

We believe that ISO 27001:2013 is vital for our business and our customers.

In October 2005, ISO 27001 replaced BS7799-2:2002 as THE international information security management systems standard. ISO 27001 is the standard against which an organisation's Information Security Management System must be certified.

ISO 27001:2013, usually referred to as ISO27001, is the international best practice standard for an Information Security Management System. ISO 27001 specifically prescribes how an organisation will manage information security through a system of information security management tools and procedures, all of which must be followed, and against which an organisation's Information Security Management System can be audited and certified by an independent external certification body.

Information Security Management System (ISMS)

We all work in a fast-moving business environment where information and information systems are vital to every organisation, whatever its size. Information security is not just about anti-virus software, implementing the latest firewall technology, or locking down your laptops or web servers. The overall approach to information security should be strategic as well as operational, and different security initiatives should be prioritised, integrated and cross-referenced to ensure overall effectiveness.

ISO 27001 provides the standard that helps businesses and organisations throughout the world to develop a best-in-class Information Security Management System. Encompassing people, processes and IT systems, an ISMS is a systematic approach to managing confidential or sensitive corporate information so that it remains secure, available, confidential and with its integrity intact.

ISO 27001 is the standard that organisations worldwide are using to demonstrate regulatory compliance and effective business risk management. 

Summary

Businesses, and IT systems in particular, are continually under threat from old, new, known, unknown, internal and external threats. ISO 27001 focuses on identifying all risks to a business, evaluating them, and then putting in controls to mitigate them. Your business may not need to be 27001 accredited, but if you value your data and its security, it makes sense to choose an IT supplier who has demonstrated its commitment to information security by securing ISO 27001:2013 accreditation.