We’re really pleased to announce that we’ve achieved ISO 27001:2013 certification, following successful assessment by Certification Europe, a leading global provider of IT governance, risk management and compliance solutions. To achieve this certification we needed to demonstrate our information security management system to manage risk for sensitive information, including people, processes and systems.
Putting the whole business in scope
Our certification covers the scope of our entire business and we felt this was really important. Occasionally, service providers obtain certification for discrete areas or specific functions within their organisations. We believe that whole-business certification maximises the benefits to our customers and partners, and as a result they have complete confidence in our whole business processes, tools and staff.
A big step for a small business
Certification is a significant undertaking, so why did we do this? We deal with one of our customers’ most precious assets – their data. This often includes sensitive information such as personnel data and financial information. We take seriously our responsibility to protect data and we wanted to use the certification preparation to drive improvement in our internal process and procedures. We trust our investment in this certification demonstrates our commitment to information security to our customers.
Certification is a journey and everyone in Coeo has responsibility for information security and compliance – every day. Maintaining our certification requires us to focus continually on information security as we conduct regular risk reviews and mitigation.
If you need any further information, or would like to discuss our services or certification further – please feel free to contact me.