The International Organization for Standardization
The International Organization for Standardization (ISO) is the world's largest developer of voluntary International Standards. Their standards offer solutions and best practice for almost all types of technology and business, helping companies and organisations to increase performance while protecting consumers and the planet.
ISO was developed through global consensus, and its standards aim to break down barriers to international trade. Some well-known standards include ISO 9001 (quality), ISO 14001 (environment) and ISO 27001 (information security management).
What is an ISMS?
An Information Security Management System (ISMS) is a systematic approach to managing sensitive company information so that it remains secure. It includes people, processes and IT systems by applying a risk management process. It helps small, medium and large businesses in any sector keep information assets secure.
Why should you get an ISO 27001 certification?
Gaining an ISO 27001 certification can be a useful tool to add credibility by demonstrating that your product or service meets the information security expectations of your customers. And for some industries, certification may be a legal or contractual requirement. We are certified by QMS International.
Key benefits of ISO 27001 certification
- Protect your IP, brand & reputation
- Improve your processes, helping save you time and money
- Avoid fines for regulatory non-compliance (such as GDPR)
- Avoid civil suits resulting from a data breach
- Avoid costs of remedial action resulting from incidents and/or breaches
When choosing a certification body, you should:
- Evaluate several certification bodies
- Check if the certification body is accredited and uses the relevant CASCO standard. Accreditation is not compulsory but provides independent confirmation of competence.
For organisations in the UK, ISO 27001 recognition is most valuable when certified by a UKAS - accredited certification body that will independently audit your organisation and provide you with ISO 27001 certification. You can find comparable international bodies through the International Accreditation Forum.
How did Skillcast achieve ISO 27001 certification?
Gaining certification requires planning, commitment and resources. There is a brief but thorough 10-step guide on the IT Governance USA site, which is a good starting point.
"Skillcast's ISO 27001 Information Security Management Standard certification is based on third-party verification of our systems, policies and procedures. It gives our clients confidence in our ability to manage the security and integrity of their information"
Our ISMS is paramount to our ability to serve our clients. All our process and data centres comply with ISO 27001.
It includes standards for security policies, organisational security, asset classification and control, personnel security, physical and environmental security, systems and network security, access controls, systems development and maintenance, business continuity management and compliance.
Achieving this certification demonstrates our commitment to ensuring the safety, security and integrity of our clients' vital information, which goes beyond the requirements of the EU General Data Protection Directive.
Want to learn more about GDPR?
We also have 100+ free compliance training aids, including assessments, best practice guides, checklists, desk-aids, eBooks, games, posters, training presentations and even e-learning modules!
Finally, the SkillcastConnect community provides a unique opportunity to network with other compliance professionals in a vendor-free environment, get priority access to our free online learning portal and other exclusive benefits.