ISO 27001 provides an international methodology for the implementation, management, and maintenance of information security within a company. Becoming ISO 27001 certified demonstrates conformity of your Information Security Management System (ISMS) with the documented standards, and provides your customers with assurance regarding the security of your system.
ISO (International Organization for Standardisation) was founded in 1947 and is the world's largest developer of International Standards. There are currently 164 member countries and 23043 International Standards covering almost all aspects of technology and business.
The headquarters are based in Geneva with over 135 full-time employees to monitor, maintain and develop standards. ISO 27001 is the internationally recognised standard for Information Security. Accredited Certification can only be issued following a 2-stage audit process by a UKAS Certification Body, such as British Assessment Bureau (BAB), who will verify an organisation's Information Security Management System meets the standard set out by ISO.
Stage 1 Audit
- Apart from advising your colleagues that an auditor is visiting, you do not need to do anything to prepare for the visit.
- The aim is simply to identify what policies, procedures, and processes you already have in place. This looks at the organisation context which includes but is not limited to Activities, Internal & External Issues and Interested Parties.
- Your auditor will then provide a stage 1 audit report (which includes a gap analysis) identifying what is required to meet the ISO standard.
Stage 2 Audit
- Usually within 1 to 3 months you will be ready for your second audit to verify that your organisation now meets the ISO standard.
- Subject to a successful decision from our compliance department, you will receive your UKAS accredited pack within a week.
- The pack includes a copy of your certificate plus 'accreditation badges' which can be added to your vehicles, website and stationery to publicise your achievements.