Point Progress have gained the ISO 27001 certification, in recognition of our commitment to information security
ISO 27001 is the internationally recognised highest standard for information security management systems (ISMS), published by the International Organization for Standardization (ISO), in partnership with the International Electrotechnical Commission (IEC).
By becoming certified, we have proved the robust processes we have in place are protecting the information we hold, which covers our computer security, physical security, broader cyber security, other privacy and best practices.
ISMS security objectives
ISO 27001 is designed to protect three aspects of information:
- Confidentiality – ensuring information is only accessed by those with authorisation
- Integrity – the information is changed only by authorised persons
- Availability – information must be accessible to authorised persons
In order to achieve these objectives, a set of rules are established to:
- Identify risks to information
- Define safeguards to control the risks
- Set clear objectives for what must be achieved
- Implement controls
- Implement a monitoring system to ensure controls are effectively achieving the objectives
- Make continuous improvements
ISO 27001 defines which documents are required as a minimum, in the form of policies, procedures and review systems, in order to satisfy the rules, set out above.
Benefits of an ISMS
There are several benefits we can offer, from implementing an information security management system:
Legal Compliance – information security is becoming more and more important as technology and the associated risks evolve. There are now increasing numbers of regulations in place and by achieving the ISO 27001 certification, we can demonstrate our ability to comply with all of these.
Customer Confidence – having defined our processes, which have been independently audited, we are in the best position to identify breach risks before they happen. This further protects the information we are trusted to hold, and we are proud to be recognised for this.
Satisfying Audit Requirements – we are always happy to work with existing and potential clients to meet their requirements for suppliers, and we are confident that this certification will help with that.