What is ISO 27001 Certification & Why is it Important?

Posted by

Anthony Miller

on 17 Aug 2023

Skillcast's content development, portal and delivery infrastructure and processes have been accredited with the ISO 27001 ISMS certification since 2011.

What is ISO 27001 & Why is it Important?

The International Organization for Standardization

The International Organization for Standardization (ISO) is the world's largest developer of voluntary International Standards. Their standards offer solutions and best practice for almost all types of technology and business, helping companies and organisations to increase performance while protecting consumers and the planet.

ISO was developed through global consensus, and its standards aim to break down barriers to international trade. Some well-known standards include ISO 9001 (quality), ISO 14001 (environment) and ISO 27001 (information security management).

Free GDPR Training Presentation

What is an ISMS?

An Information Security Management System (ISMS) is a systematic approach to managing sensitive company information so that it remains secure. It includes people, processes and IT systems by applying a risk management process. It helps small, medium and large businesses in any sector keep information assets secure.

Why should you get an ISO 27001 certification?

Gaining an ISO 27001 certification can be a useful tool to add credibility by demonstrating that your product or service meets the information security expectations of your customers. And for some industries, certification may be a legal or contractual requirement. We are certified by QMS International.

Free Cyber Security Training Presentation

Key benefits of ISO 27001 certification

  • Protect your IP, brand & reputation
  • Improve your processes, helping save you time and money
  • Avoid fines for regulatory non-compliance (such as GDPR)
  • Avoid civil suits resulting from a data breach
  • Avoid costs of remedial action resulting from incidents and/or breaches

When choosing a certification body, you should:

  • Evaluate several certification bodies
  • Check if the certification body is accredited and uses the relevant CASCO standard. Accreditation is not compulsory but provides independent confirmation of competence.

For organisations in the UK, ISO 27001 recognition is most valuable when certified by a UKAS - accredited certification body that will independently audit your organisation and provide you with ISO 27001 certification. You can find comparable international bodies through the International Accreditation Forum.

Free Information Security Training Presentation

How did Skillcast achieve ISO 27001 certification?

Gaining certification requires planning, commitment and resources. There is a brief but thorough 10-step guide on the IT Governance USA site, which is a good starting point.

"Skillcast's ISO 27001 Information Security Management Standard certification is based on third-party verification of our systems, policies and procedures. It gives our clients confidence in our ability to manage the security and integrity of their information"

Milan Duchovny, Head of IT Infrastructure, Skillcast

Our ISMS is paramount to our ability to serve our clients. All our process and data centres comply with ISO 27001.

It includes standards for security policies, organisational security, asset classification and control, personnel security, physical and environmental security, systems and network security, access controls, systems development and maintenance, business continuity management and compliance.

Achieving this certification demonstrates our commitment to ensuring the safety, security and integrity of our clients' vital information, which goes beyond the requirements of the EU General Data Protection Directive.

GDPR Training Presentation

Want to learn more about GDPR?

We've created a comprehensive GDPR roadmap to help you navigate the compliance landscape, supported by a comprehensive library of GDPR Courses.

We also have 100+ free compliance training aids, including assessments, best practice guides, checklists, desk-aids, eBooks, games, posters, training presentations and even e-learning modules!

Finally, the SkillcastConnect community provides a unique opportunity to network with other compliance professionals in a vendor-free environment, get priority access to our free online learning portal and other exclusive benefits.

GDPR Training Presentation

The fines for GDPR breaches represent up to 4% of your global annual turnover or EUR 20 million, whichever is the highest. So it is critical to ensure your organisation understands and adheres to GDPR.

Our free GDPR Training Presentation is fully editable, presents the key points in plain English and is packed with practical activities to accelerate learning

Download your free training aid