Earlier this year, Condatis successfully completed an external assessment by UKAS accredited auditors and achieved certification for the ISO 27001:2013 information security standard for a renewed three-year period. Additionally, the assessment included coverage of our quality management system and confirmed the continuation of our ISO 9001 certification. In maintaining these certifications, we demonstrate our commitment to managing information security and quality to internationally recognised standards across our business operations and delivering products and services to customers.
John Yau, Chief Information Officer, said:
“Achieving the ISO certifications will assure customers that we are operating recognised frameworks for managing information security and quality – for some, it may even be a supplier compliance requirement. The ISO 27001 standard is based on implementing security controls to mitigate perceived risk. As part of the continual improvement programme, we must monitor the effectiveness of controls and adjust accordingly in response to the changing cybersecurity landscape. The ISO 27001 standard is undergoing a 2022 refresh expected around October this year, although the ISO 27002:2022 guidance is already published (February 2022). As well as undergoing a major restructuring to have broader appeal across diverse organisations, there has been some notable new coverage for privacy and cybersecurity controls, along with recognition of zero trust and cloud service architectures to bring the standard up to date. Condatis will look forward to monitoring developments and transitioning to the ISO 27001:2022 refresh.”
Why we chose to achieve our ISO 27001 certification
Ian Stewart, Chief Operating Officer, said:
“Assuring our clients and customers that we are IT compliant and secure is a major priority in our business operations. I’m delighted that we have been awarded the ISO 27001 certification for another 3 year cycle. I’m even more pleased that our processes meet a global standard for best practice and enable our staff to do their jobs effectively and securely.”
Aside from demonstrating that our business operates under good security practices, achieving the certification reflects our knowledge and understanding of the weight security bears on any company operating digitally, including our own. Cyber attacks are increasingly becoming more challenging for your average business to detect. The financial damage to companies and their customers can be overwhelming as it impacts their short-term financial abilities and chips away at the trust customers have in their business. Digital identity is a significant aspect (though not always prominent) in cyber security. As a business that develops secure identity solutions for customers across government, education, engineering, and other highly regulated industries, it is expected, if not a mandatory part of our business, to operate under the same level of scrutiny by independent UAKS-accredited auditors. Otherwise, how can our customers trust us to recommend the right solutions? Continuously working towards re-certification puts our teams in a position where we operate according to best practices as second nature.
Let’s stay in touch!
Get content from Condatis straight to your inbox! Subscribe to stay up to date.