Govtech blog | Latest news and insights

It’s more than just a badge; ISO27001 & Cyber Essentials recertification

Written by Angela Messenger | Nov 15, 2021 9:01:50 AM

For the 4th consecutive year, we’re proud to have passed and been recertified for ISO27001 and Cyber Essentials. It’s great for us, but it’s also great for you – why? It’s more than just a badge. It’s a sign of commitment and trust; it symbolises how we work in a secure and safe manner and most importantly, demonstrates how you can depend on us to do the same for you.

Why ISO27001 Helps US and helps YOU


Attempting to get ISO27001 certification requires 5 things:

  1. Investment
    Both TIME & MONEY. It’s not cheap. You need the support of expert consultants to evaluate your policies, procedures and processes and prepare you for the external audit. Then you need to contract with the assessor, and you need to commit to months (at least) of preparation.
  2. Stamina
    Evaluation is deep, challenging, and thorough. It’s a long haul creating and IMPLEMENTING the required number of policies and processes, training your staff, and making sure that the company culture shifts to absorb the practices prescribed by your procedures into their DNA, otherwise you won’t keep the certification!
  3. Courage
    It’s a little scary having your practices scrutinised by independent third-party consultants and assessors. People trained to shine their penetrative searchlights into the darker, dustier corners of your real-life working practices. You must be willing to CHANGE, to be CHALLENGED, to be OPEN to criticism. You won’t succeed, improve, learn if you’re not brave enough to be open and honest about what you know you do well and what you know you need to do better.
  4. Belief
    If you don’t believe in the process (beyond the commercial incentive to be able to show you’ve been externally validated as having the most rigorous and robust security practices in place) you won’t model the required behaviours and standards. Then your staff won’t feel driven to adhere to the highest standards, and you won’t be able to challenge shortfalls when you are not a credible example of the standards you try to enforce. Also, going back to point 2. Stamina, it’s hard to keep going if you don’t BELIEVE in the OUTCOME.
  5. Great Staff
    You need committed, dedicated staff who ‘GET IT’. Who realise that the integrity of the data you manage, the robustness of your security practices at every step, for this is the foundation on which the reputation of your company stands. Also, by involving every team member in the process of gaining the accreditation, there is a shared sense of achievement – and, consequently, there is a shared desire to retain it!

And because we adhere to each one of these crucial points and it’s instilled into our daily working practices, it is why you can trust us to manage and handle your data with confidence.

“As cyber threats to customer data continue to evolve and proliferate, our commitment to attaining accreditation for, and complying with, national and international information security standards is a vital component in delivering a reliable, safe and secure service to our customers.”

Andrew Melvin, Managing Director, Govtech Solutions

 

A commitment to our customers

We have robust measures in place to safely manage our own and customers’ data. We understand the importance of data security, and ensure best practice, including scores of written Information Security Management System (ISMS) policies and procedures. These processes are validated by industry-leading certification to give you peace of mind and are audited as part of being accredited to the ISO27001 Security Standard.

ISMS is also important for our responsibility to cyber security. Cyber Essentials is a CREST-accredited merit in recognition that we safeguard our systems from the most common cyber threats; a mandatory requirement to work within UK government. We provide regular cyber training (a part of our ISMS) to ensure each team member is up to date of the latest threats and techniques – Cyber Essentials is part of that approach, and we work hard to maintain our standards.

Unless an organisation is independently accredited, it is very difficult to compare what it says it does against others. The point of accreditation is to confirm that we comply with standards set by the International Standards Organisation (ISO), so our customers have that reassurance; we do exactly what we say we do!

A sign of trust

Being accredited to a standard is often a pre-requisite to being able to do business with other organisations but for us, it is also good for the business. It helps us to ensure that what we understand what we are doing, what the implications are for all our stakeholders and that we are doing it in a controlled way.

It’s important that you can trust your supplier, and that’s why our recertification is vital to who we are and how we operate. We want to ensure customers and prospects that we are a reputable partner, demonstrate our credibility, and provide you reassurance. If you have any questions regarding our processes and procedures, simply ask.

     
 

Sharing experiences, leads to success

We’re proud of our customers’ achievements and how they’ve embraced digital transformation to attain their goals. Take a read of our success stories and realise the value of digital process automation and how we help councils overcome their obstacles, with guaranteed outcomes.

  
View full post