Having ISO Certification means that we follow the rigorous processes set out by the International Organization for Standardization.
We have a robust Quality Management System as well as security controls in place which ensure our customers, and their data, are protected from unauthorised access, corruption and loss.
The ISO 27001 standard provides the framework for an effective Information Security Management System (ISMS).
It sets out the policies and procedures needed to protect organisations and includes all the risk controls (legal, physical and technical) necessary for robust IT security management.
By becoming ISO 27001 certified, we are showing a commitment to ensuring that adequate security controls are in place to protect information and data from being accessed, corrupted, lost or stolen.
ISO 27001 requires that management:
- Systematically examines the organisation's information security risks, taking account of the threats, vulnerabilities, and impacts.
- Designs and implements a coherent and comprehensive suite of information security controls and other forms of risk treatment (such as risk avoidance or risk transfer) to address those risks that are deemed unacceptable.
- Adopts an overarching management process to ensure that the information security controls continue to meet the organisation's information security needs on an on-going basis.
ISO 9001 is the international standard for a Quality Management System (QMS)
In order to be certified, a company must follow the requirements set forth in the ISO 9001 Standard. The standard is used by organisations to exhibit their ability to consistently provide products and services that meet customer and regulatory requirements and to demonstrate continuous improvement.
There are several different documents in the ISO 9000 family of standards, but ISO 9001 is the only standard in the series that requires certification. The current version is ISO 9001:2015, which was published in September of 2015.
ISO 9001 contains eight key principles of quality management which are not auditable, but do form the fundamental characteristics of quality management:
- Customer focus - understand and meet their customers' current and future requirements and expectations.
- Leadership - employees can become fully involved in achieving the organisation's unified objectives.
- Involvement of people - competent employee retention, encouraging continuous enhancement of their knowledge and skills, and empowering them, encouraging engagement and recognizing achievements.
- Process approach - performance is enhanced when leaders manage and control their processes, as well as the inputs and outputs that tie these processes together.
- Systematic approach to management - processes are managed as one coherent quality management system.
- Continuous improvement - identify, create and exploit new opportunities when they establish and sustain an ongoing focus on improvement.
- Factual approach to decision making - have an established evidence-based decision making process that entails gathering input from multiple sources, identifying facts, objectively analyzing data, examining cause/effect, and considering potential consequences.
- Mutually beneficial supplier relationships - nurture positive and productive involvement, support and feedback from suppliers and partners.