Member Article

Is your data in safe hands

Safely accommodating ‘anywhere, anytime and from any device’ data access by staff is the biggest single headache facing business owners, and over the last 15 years we have helped hundreds of public and private sector organisations balance availability with opportunity.

Information can make or break a business, which is why we were delighted by a comment on our recent ISO27001 Information Security certification audit. The external audit report said we were commended upon our Information Security Management System (ISMS) with a special observation of Good Practice awarded.

The ISO27001 standard concerns information security and helps you identify the risks to your information and put in place the appropriate controls to help reduce the risk. If you’ve ever been involved in achieving international quality standards you will understand just how much thought, planning and effort we put into maintaining our certification.

Once an organisation achieves the standard it is externally audited every six months, as well as being fully audited from scratch every three years. As we approach our third year of ISO27001:2005 compliance, all our external audits have gone extremely well, with a file full of compliments and commendations from our external auditors.

In preparation for our re-certification in 2016 we have successfully completed our migration to the revised ISO27001:2013 standard. To put this into context, every few years UK quality standards bodies are required by the Government to review and update standards, with each successive update requiring a more in depth review of controls and this recent update looks harder and both internal and external perspectives.

For businesses in fast-moving sectors like IT, where businesses face a constant challenge to maintain information security, this means continually updating our processes and documents.

To sum that up, data security best practice is a lot of work.

But we believe it’s worth it. As an IT partner we have to be able to prove – to an international standard – that we operate within a best practice information security framework. It’s just one of the ways we demonstrate our ability to help clients make sure their confidential information remains that way

This was posted in Bdaily's Members' News section by ITPS Ltd .