Author Gary Hibberd
Agenci believe it’s very important to be able to trust our suppliers and partners, which is why we’ve taken the strategic decision that by the end of 2017 any suppliers of services which are critical to our business will need to be ISO 27001 certified or working towards that standard.
This includes our strategic partners who are helping to support us in providing critical security services and products to our clients.
Why have we done this?
We think it’s very important to be able to trust your suppliers, and the ISO 27001 standard has a whole area of control dedicated to this very topic. We don’t pay ‘lip service’ to what we do and we need to know the people we work with don’t either.
Having suppliers and partners we can trust is important, but more than this – we advise organisations that THEY need to assess their supplier relationships, so we must do the same. As we are ISO 27001 certified ourselves, it will also make it easier when we are ourselves, assessed.
Personally, I get frustrated with Consultants and service providers who expect organisations to buy Security products/services from them, yet they themselves haven’t taken the necessary steps to protect themselves. I liken this to the car salesman trying to persuade me to buy the BMW, but he drives a Mercedes. How can you trust someone who doesn’t “Walk the walk”?
What does this mean?
By the end of 2017 all organisations who provide services to Agenci or are strategic partners will be certified, or committed to achieving 27001. To this end we are working with our suppliers and partners to help them do this. We don’t mind if they don’t take this important step with us, but we fully expect them to be able to evidence that they are fully aligned and/or have achieved certification.
Our Progress so far
We have already begun this process with our Insurer who is currently going through the journey to be aligned to the standard, and our IT Support and Hosting company have, with our help been ISO 27001 certified for a number of years.
We are in the process of setting up a Strategic relationship with a well respected and experienced IT Services business based in Leeds (more on this to be announced), but we are doing so with their full commitment to not only 27001, but also 9001 too.
We continually tell people how important ISO 27001 is. Our suppliers and partners recognise this too.
So, if you’re going to call Agenci looking to sell your product/service, please be prepared for the first question we’ll ask;
Are you 27001 certified?