Commissum

ISO 27001 Certified Information Security Management System


Security is our business. It therefore stands to reason that we should adopt an appropriately rigorous control regime when it comes to protecting our own and, importantly, our clients’ information.

We have been independently assessed and certified as meeting the exacting requirements of ISO 27001 for our Information Security Management System (ISMS). The assessment, carried out by a UKAS accredited certification body, provides evidence to our customers, suppliers, employees and partners of our 100% commitment to securing the critical information assets that we hold, both our own and those of our clients. We have also demonstrated the commitment throughout the company to ongoing and continuous improvement. It provides evidence of the existence of an effective ISMS that satisfies the international standard, ISO 27001.

Please click on the following link to download a copy of our certificate: ISO 27001 Certificate (572.2 KB)

ISO 27001

ISO 27001 is the internationally recognised standard for managing information security in an organisation.

ISO 27001 demonstrates that an organisation has risk management processes and appropriately rigorous controls in place to protect the confidentiality, integrity and availability of its critical information assets. An important element of implementing ISO 27001 is the commitment of management and staff to not just maintaining, but also continuously improving the organisation’s security management and controls. An Information Security Management System independently certified as meeting ISO 27001 provides a high level of confidence that the organisation’s intellectual property, sensitive data, and personal information are protected and that the valuable customer and supplier records whose care is entrusted to the organisation are similarly secured.

It covers all processes within an organisation that control the way it does business and produces and delivers its products and services. It prescribes and ensures systematic control of all of an organisation’s activities that are directed towards delivery of its product or service, ensuring that customer expectations and requirements are met. Importantly, it also mandates that an organisation has formal processes for continuously monitoring and improving these processes. ISO 27001 is part of the ISO 27000 series and is the auditable standard in the ISO 27000 family.

Why Is a UKAS Accredited Certification Body Important?

To demonstrate that a quality management system really does meet the ISO 27001 standard, it is essential to engage an independent and impartial third party to assess the system against the standard. These third parties are known as conformity assessment bodies (CABs).

It stands to reason that it is absolutely critical to use a CAB that you know to be competent and whose assessment will be universally accepted. National Accreditation Bodies (NABs) assess the CABs against international standards to make sure that they are competent to assess against specific standards. UKAS is the UK’s NAB. NABs are in turn reviewed for competence through evaluations by their peers and by being subject to government audit and appointment.