Here at Signagelive we’ve always taken security as our number one priority
In late 2019 we began our journey to achieve ISO 27001 certification to add an additional layer of trust to our already robust processes.
It is with great excitement that we officially announce that we have on 17th November 2021 completed the final external assessment as required by the ISO 27001 standard and have received our certification by The British Standards Institute (BSI).
What is ISO 27001?
ISO 27001 is the internationally known standard for Information Security Management Systems (ISMS). The ISO 27001 certificate is an independent confirmation that we have our processes, in terms of privacy and information security, in order, and that our security strategy is future-proof.
To achieve certification as a business you have to ensure that all areas of the business and all staff are performing to the highest standards, including Senior Leadership, Human Resources, Internal IT, Operations and of course Software Engineering. All staff have had rigorous training on the core concepts of ISO 27001 and specific security training relevant to their roles.
ISO 27001 isn’t just about technology as whilst we’ve had an in-depth audit of our software development, management, monitoring and maintenance procedures we have also had to ensure that our recruitment and training processes, physical security and business continuity plans amongst others items are all performing to the very highest level.
Why is it important to me?
ISO 27001 is increasingly important to review when evaluating any software platform you’re looking to use as you are entrusting that organisation with your most valuable asset – your data.
By achieving ISO 27001 we can provide assurance to our customers that it has been independently verified that we handle your data with the highest levels of security throughout the organisation and within our solutions ensuring that it is kept confidential, maintains integrity, and is accessible when you need it.
Our ISMS Policy is available to download here which states our objectives of ISO 27001 certification and how we will achieve it both the lead up to the audit and post-certification.
Not just achievement but excellence
When we look to do something, we look to do it in the best way possible.
Not only have we achieved the certification at the first attempt, but we have also done so with no Non-Conformities and only a single Opportunity for Improvement.
A non-conformity (NCR) is a process or activity which doesn’t fulfill its intended purpose. This could be because there has been a failure to follow the procedures outlined in your Management System, or because the documented procedures are not fit for purpose.
An opportunity for improvement (OFI) is a situation where the evidence presented indicates a requirement has been effectively implemented, but based on auditor experience and knowledge, additional effectiveness or robustness might be possible with a modified approach
Understandably achieving certification at the first attempt in this way is something we want to shout about however don’t take our word for it, the auditors have commented in our report (which will be publicly available soon) that –
“While the ISMS may be young, it was clear that the processes were mature and established. Good practice was seen throughout the audit and it is pleasing to note that improvement of the policies and processes is on-going”.
To learn more about Signagelive solutions and to discuss your Digital Signage requirements, please get in contact with us.
You must be logged in to post a comment.