What is ISO 27001 & Why is it Important?

Posted by Anthony Miller on 19 Nov 2020

Skillcast's content development, portal and delivery infrastructure and processes have been accredited with the ISO 27001 ISMS certification since 2011.

About the International Organization for Standardization

The International Organization for Standardization (ISO) is the world's largest developer of voluntary International Standards. Its standards offer solutions and best practice for almost all types of technology and business, helping companies and organizations to increase performance while protecting consumers and the planet.

Developed through global consensus, its standards aim to break down barriers to international trade. Some well-known standards include ISO 9001 (quality), ISO 14001 (environment) and ISO 27001 (information security management).

What is an Information Security Management System?

An Information Security Management System (ISMS) is a systematic approach to managing sensitive company information so that it remains secure. It covers people, processes and IT systems, and works by applying a risk management process. It helps small, medium and large businesses in any sector keep information assets secure.

Skillcast's content development, portal and delivery infrastructure and processes have been accredited with the ISO 27001 Information Security Management System (ISMS) certification.

Why should you get ISO 27001 certification?

Gaining an ISO 27001 certification can be a useful tool to add credibility, by demonstrating that your product or service meets the information security expectations of your customers. And for some industries, certification may be a legal or contractual requirement.

We are certified by QMS International

Key benefits of ISO 27001 certification

  • Protect your IP, brand & reputation
  • Improve your processes, helping save you time and money
  • Avoid fines from regulatory non-compliance (such as GDPR)
  • Avoid civil suits resulting from a data breach
  • Avoid costs of remedial action resulting from incidents and/or breaches

When choosing a certification body, you should:

  • Evaluate several certification bodies.
  • Check whether the certification body is accredited and uses the relevant CASCO standard.
  • Bear in mind that accreditation is not compulsory, but provides independent confirmation of competence.

For organisations in the UK, ISO 27001 recognition is at its most valuable when certified by a UKAS-accredited certification body, which will independently audit your organisation and provide you with ISO 27001 certification. You can find comparable international bodies through the International Accreditation Forum.

How did Skillcast achieve ISO 27001 certification?

Gaining certification requires planning, commitment and resources. There's a brief but thorough 10-step guide on the IT Governance USA site that is a good starting point.

"Skillcast's ISO 27001 Information Security Management Standard certification is based on third-party verification of our systems, policies and procedures. It gives our clients confidence in our ability to manage the security and integrity of their information"

Milan Duchovny, Head of IT Infrastructure

Our Information Security Management System (ISMS) is paramount to our ability to serve our clients. All our processes and data centres comply with ISO 27001.

It includes standards for security policies, organisational security, asset classification and control, personnel security, physical and environmental security, systems and network security, access controls, systems development and maintenance, business continuity management and compliance.

Achieving this certification demonstrates our commitment to ensuring the safety, security and integrity of our clients' vital information, which goes beyond the requirements of the EU General Data Protection Directive.
