And how it helped them to conform to recent legislation, including GDPR and NIS regulations
Neil McCarthy, chief commercial officer at Direct Life & Pension Services, who offer protection services to financial advisers and consumers, explained: "When we first started looking at ISO 27001, my first reaction was that it's a certificate for IT procedures. It isn't, it's much, much more. ISO 27001 is an international standard that provides the specification for an Information Security Management System (ISMS)."
So essentially, ISO 27001 helps organisations to manage their sensitive data, with the end goal being to minimise risk and ensure business continuity by limiting the impact of a security breach.
But what does that really mean to the business and its customers?
McCarthy continued: "In our business, we deal with 1,000s of customers' application data, which includes sensitive medical data, and other application and bank details. We need to collect, record, transfer and store this data securely. We could see the value of the ISMS helping us conform to recent legislation, including GDPR and NIS regulations."
McCarthy went on to explain the work involved and just how long the accreditation process took: "Over the past 10 months we have created and updated documents, operations manuals, risk registers, asset logs, T&C handbooks, to name a just a few. Key to all this was demonstrating that the entire organisation was aware of the importance of the security of data, and understood the procedures that were in place across the business."
"As a business, I think we have benefitted enormously from the work done to achieve this, but importantly it reinforces how important it is to keep customer data secure. I would recommend that any business with a lot of data looks at this, if only to challenge whether their current levels of security are right for the risks in our market."
Welcoming Andy Morris as finance director and Shirley Fell as operations director
Two million UK people estimated to have dementia by 2051
How can we achieve mental and physical health parity at work?
Havensrock Thrive App