
Krystal ISO 27001 accredited



By: Lara Greaves in Security

Posted on: May 14th 2020 at 10:04am


We’re delighted to announce that we have recently been accredited with the ISO 27001 certification - an international standard which demonstrates that a business is following best practice information security processes.

This is great news for us and our clients, because it allows us to demonstrate that we place both quality assurance and information security at the forefront of our business and that we are committed to achieving and maintaining a standard of excellence.

While we already had many of the policies and processes in place for quality assurance and information security, being audited by the British Assessment Bureau (a leading UKAS-accredited certification body) meant that we were able to formally benchmark our working practices against industry-recognised standards.

If you’d like to see our new ISO 27001 certificate you can check that out here.

What is ISO 27001 and why is it so important for organisations?

ISO 27001 is the only standard that sets out the specifications for an information security management system (ISMS).

Organisations increasingly have to show they can be trusted with information security and privacy management. Having ISO 27001 demonstrates that an organisation has identified risks and put in place preventative measures to protect itself from information security breaches.

What does this mean for you?

Earning ISO 27001 certification demonstrates our commitment to keeping information assets secure. It means you can be confident that any data and information given to us is safe and that we have procedures in place to ensure it stays that way.

ISO 27001 is not a tick-box exercise, nor is it about creating hundreds of policies and processes that just get filed away. It's about how we embed information security management into the beating heart of our organisation and how it becomes a core part of our working day, every day - it simply has to if we are to protect information successfully.

Achieving ISO 27001 was no easy task. It involved months of work, culminating in an assessment by an external auditor checking that ISO 27001 standards are truly embedded.

In order to maintain certification, we will need to undertake annual assessments. We will also undergo a re-certification audit every three years to demonstrate our commitment and continual improvements to information security management.

If you have any questions about ISO 27001 and what it means for you as a client, please get in touch here.