Author Gary Hibberd
Have you noticed how everyone has gone World Cup crazy?! Well I’m pleased to say Agenci would never stoop so low and jump on the band wagon as we have some very important news to announce …
It’s a Hat Trick!
In the last fourteen days Agenci are proud to have helped three different businesses achieve full ISO 27001 registration, with UKAS certification provided by the British Standards Institute (BSI). The three businesses in question are all from the North of England but all from very different sectors; The first, a web design company from Hull, the second, a large engineering business in Hull and the third, a major law firm based in Yorkshire.
Three clients, three certificates, three protected businesses.
It’s a ‘Game of two halves’
To achieve full certification a business needs to pass a ‘Stage 1’ and ‘Stage 2’ audit from a UKAS accredited organisation. This ensures that there is a formalised Information Security Management System (ISMS) in place (Stage 1) and the business has also been able to provide evidence that the ISMS is working, is being implemented and has support (Stage 2).
“End to End Stuff”
Information Security needs to be applied across the business and from top-to-bottom, with senior management assuming ownership and accountability and with everyone in the business understanding their roles and responsibilities.
“It’s all about the team”
Whilst Agenci have been instrumental in helping these businesses achieve their success, we believe it is a team effort by all involved which ensures that this isn’t merely a ‘tick box exercise’. We always stress the importance of involving those in the business in developing the ISMS and in its implementation, because ultimately it’s theirs to own.
“This game needs a goal”
When starting out on the road to helping these businesses achieve certification, we always start by asking “What is your goal?” Why do you need this? What will it do for you? Of course we understand that certification will bring about efficiencies in the business and will help them tender for (and be successful in) larger contracts. But we feel it’s important to understand what each is trying to achieve; We don’t do ‘one size fits all’.
“At the end of the day”
When the dust settles and these three clients look at their certificate of ISO 27001 compliance from a UKAS accredited organisation they should be quietly confidently proud of their achievement. Agenci are always pleased to take businesses on this journey to certification but are also at pains to explain that at the end of the day, the certificate is only the start of the journey. Like passing your driving test, you need to learn to practice what you’ve learnt in a multitude of situations whilst avoiding a plethora of hazards.
We’d again like to congratulate the three businesses we have helped and look forward to working with you going forward to continue to build a resilient and robust Information Security framework.
Agenci Cyber Security is responsible for protecting businesses from cyber threats, cyber-attack, internal threats and business outages. Agenci Information Security ensures clients systems are secure and provide peace of mind through a range of proven specialist information security solutions.
ISO 27001 is the international standards for Information Security. Gaining ISO 27001 certification can provide evidence that your business meets the standard and operates to best practice for information security.