iQuda Passes Annual ISO 27001 Audit

iQuda was awarded ISO 27001 certification for a second year after an independent audit by the British Assessment Bureau. The UKAS-accredited firm found no nonconformities during the audit, confirming iQuda adheres to the international information security standard. The audit took place on 16th June 2017, one year after iQuda first achieved certification.

“iQuda is proud to have achieved ISO 27001 certification for another year. The standard marks a major milestone for the company,” said Anthony Jones, Managing Director of iQuda. “Security is a major concern for both us and our customers and we’re making it our top priority.”

What is ISO 27001 Certification?

ISO, the International Organization for Standardization, publishes a range of standards. Each standard focuses on a niche area, using expert best practice to produce a standardized method for working. Well-known standards include ISO 9001 Quality Management, ISO 14001 Environmental Management and ISO 27001 Information Security Management. ISO 27001 is an independent management standard designed to help organisations keep information in their care secure. The standard defines a wide range of measures to protect data and ensure business continuity. The standard contains a list of interconnected clauses covering best practice. Clauses include business continuity, staff competency, technical safeguards and auditing procedures, among others. Firms seeking certification are required to implement an ISMS (information security management system) and commit to working in line with the standard. Certified firms are independently audited to check compliance at least once per year.

Why iQuda Sought ISO 27001 Certification

Security is the single largest threat to firms that use technology extensively. iQuda achieved certification as a commitment to maintaining data security. For customers, ISO 27001 provides assurance that iQuda employs best-in-class security practices. Certification proves the company emphasizes security at every level of the business. The hospices, charities, healthcare providers and businesses we work with need assurance of our credentials. Having ISO 27001 certification offers clients external validation that the company works to best practice.

The ISO 27001 Audit Process

The organisation seeking certification must be able to evidence every clause of the ISO 27001 standard on the audit day. The auditor runs through all evidence the company supplies, looking for gaps and nonconformities that expose information and business continuity to risk. The organisation being audited will fail the audit if any major nonconformities are found.

Security in IT

Two major ransomware attacks, WannaCry and Petya, have taken place in 2017 alone. The WannaCry attack affected more than 200,000 victims and 300,000 computers. The NHS, FedEx and Deutsche Bahn were among those affected. Petya, the latest ransomware attack, gained momentum on the 27th June 2017, quickly targeting Ukrainian government bodies, banks and electricity firms. Companies in France, Denmark and the USA were also affected. Even the radiation monitoring systems at Chernobyl were taken offline. With security posing a significant threat to the UK, it's vital that IT providers have adequate measures in place to protect their clients. ISO 27001 certification ensures iQuda makes information security management a central component of our business management system.

Next Steps

For more information, please contact us on 01442 251 514 and we will be more than happy to advise you further. iQuda offers a range of information security services; please explore our website to find out more.