Digital business services provider, Columbus, has announced it has achieved ISO 27001 certification for information security and management, covering all Columbus employees and offices in the UK.
ISO 27001 is an internationally recognised standard for securing information assets and stipulates requirements for putting in place an information security management system (ISMS). The certification assures Columbus customers of the very high levels of security controls at a time when GDPR is set to enforce tighter data protection standards with severe financial penalties for non-compliance, and against an increasing frequency of cyber threats.
The certification was achieved on 16th May, 2018, following a three-day independent auditing process at Columbus offices in Nottingham, Cambridge and Warrington. Working closely with ISO standard specialists QMS, Columbus carried out an analysis of business processes to identify, document and refine existing information security policies, and completed a full risk assessment of all 100 areas of information assets in addition to 180 Microsoft Dynamics environments containing customer and company data.
The ISO 27001 audit evaluates organisations based on the company’s information security and management framework, and the systems in place to prevent and mitigate the risk of data theft, loss or damage. Following a period of work to complete a number of policy enhancements, Columbus now boasts a highly ISO 27001 compliant ISMS.
The scope of certification also encompasses all of Columbus UK’s consultancy services, including the Application Management and Infrastructure Management Services, which are designed to ease the security and maintenance burdens of companies’ IT operations. Columbus employees have undergone security awareness training and assessment to ensure the security and integrity of all customer and internal data and will continue to be evaluated and monitored to confirm ongoing compliance.
Mary Hunter, Managing Director, Columbus UKsaid, “this is an important step to assure Columbus customers and employees that we continue to take information security very seriously. ISO 27001 certification reinforces our commitment to upholding the highest standards of data management and protection. GDPR is also firmly on the horizon, so it is vital for us to demonstrate the strength of our information security processes to customers and cultivate a security-focused culture internally among our staff.”
“Using data to generate extra value for customers is at the heart of our business and solutions, and with the rise of cloud-based delivery services and increased digitisation of business processes, we are committed to delivering high levels of protection for these growing volumes of personal and sensitive end-user information."