Quality Management System
ISO 9001:2015
What is ISO/IEC 27001?
ISO/IEC 27001:2013 is the international standard that provides a framework for Information Security Management Systems (ISMS) to provide continued confidentiality, integrity and availability of information as well as legal compliance. ISO/IEC 27001 certification is essential for protecting your most vital assets like employee and client information, brand image and other private information. The ISO standard includes a process-based approach to initiating, implementing, operating and maintaining your ISMS.
ISO/IEC 27001 implementation is an ideal response to customer and legal requirements such as the GDPR and potential security threats including: cyber crime, personal data breaches, vandalism / terrorism, fire / damage, misuse, theft and viral attacks.
So far in 2019, around 32 percent of businesses identified cyber security breaches or attacks in the last 12 months. The ISO/IEC 27001 standard is also structured to be compatible with other management systems standards, such as ISO 9001 and it is technology and vendor neutral, which means it is completely independent of any IT platform. As such, all members of the company should be educated on what the standard means and how it applies throughout the organization.
Achieving accredited ISO 27001 certification shows that your company is dedicated to following the best practices of information security. Additionally, ISO/IEC 27001 certification provides you with an expert evaluation of whether your organization’s information is adequately protected. Read on to explore even more benefits of ISO/IEC 27001 certification.
ISMS Helps you with
- Asset protection
- Security policy
- Cyber security strategy
- IT governance
- Incident management
- Threat mitigation
- Downtime reduction
- Loss prevention
- Data breaches
- Compliance checklist
- Management systems
- GDPR compliance
STEPS TO YOUR ISO/IEC 27001 CERTIFICATION
Before you can initiate the certification process, your organisation will need to implement a quality management system according to ISO/IEC 27001 requirements and its effectiveness must be thoroughly documented.
For the certification process itself, the following steps have been established:
Step 1
Complete a Quote Request Form so that we can understand your company and requirements. You can do this by completing either the online quick quote or the online formal quote request form. We will use this information to accurately define your scope of assessment and provide you with a proposal for certification.
Step 2
Once you’ve agreed your proposal, we will contact you to book your assessment with an NQA Assessor. This assessment consists of two mandatory visits that form the Initial Certification Audit. Please note that you must be able to demonstrate that your management system has been fully operational for a minimum of three months and has been subject to a management review and full cycle of internal audits.
Step 3
Following a successful two stage audit, a certification decision is made and if positive, then certification to the required standard is issued by WECERT. You will receive both a hard and soft copy of the certificate. Certification is valid for three years and is maintained through a programme of annual surveillance audits and a three yearly recertification audit.
