Compliance with ISO 27001 is often a pre-requisite for working with certain organisations - especially those in the Public or Financial sector - so if you wish to start, or continue, working with them you will need to establish and implement an Information Security Management System or ISMS.

 

 

How secure is your information? 

 

However, information security does not just mean data and IT, backing up and

anti-virus software, it includes aspects such as people, premises and any form of information whether it is produced on paper or electronically.  If your company is considering undertaking the printing of sensitive material such as cheques, you may also need to comply with C&CCS (Credit and Cheque Clearing Standards).

 

As with most management systems, our project starts with a risk assessment. To conduct this we look at every possible eventuality within your company that could put it's confidentiality or integrity at risk. From this we formulate a “risk treatment plan” which will assist in identifying those items most at risk and how these will be addressed and continually improved.

 

Developing a “Statement of Applicability” to Annexe A of the standard will assist you in ensuring the security of your information which will give you a secure advantage over your competitors.

 

As with all of our implementations, 27001 can be integrated successfully with 9001 and/or 14001, and as always, “practical and achievable” is our aim.

 

​