Find out how we hold ourselves to the highest standards, embodied by our company values of Integrity, Commitment and Excellence.
Integrity is key in all our business engagements. That’s why we meet the exacting requirements of ISO 9001 for our Quality Management System (QMS).
ISO 9001 prescribes and ensures systematic control of all an organisation’s activities directed towards delivery of their product or service, ensuring their customer expectations and requirements are met. The internationally-recognised standard also mandates formal processes for continuous improvement for processes.
YOU CAN VIEW OUR CURRENT ISO 9001 CERTIFICATE HERE.
Security is our business – we are 100% committed to security for ourselves, our employees, our clients and our stakeholders. We hold ourselves to the global standard for information security in an organisation – ISO 27001.
This certification is proof of an existing robust Information Security Management System (ISMS), which has passed an assessment by a UKAS-accredited certification body, as well as risk management processes and appropriately rigorous controls to protect the confidentiality, integrity and availability of critical information assets.
YOU CAN VIEW OUR CURRENT ISO 27001 CERTIFICATE HERE.
As a CREST company, our testing methodology applies proven, consistent methods that build on industry standards, including the Open Source Security Testing Methodology Manual (OSSTMM), and the Open Web Application Security Project (OWASP).
We strive for excellence in all we do; that’s why all our testers are accredited under the CREST scheme, meaning you’ll receive only the best and most thorough test of your organisation’s security, with minimum disruption and maximum value.
Commissum can work with your organisation to establish a minimum baseline for cybersecurity under the Cyber Essentials scheme.
Our consultancy offering, coupled with our CREST-certified services, means we’re ideally placed to asses and certify your organisation to either Cyber Essentials or Cyber Essentials Plus, as appropriate.
As a CHECK approved provider, our testing methodology has been assessed as meeting the very high standards of the National Cyber Security Centre (NCSC) and is approved to provide health check services to Her Majesty’s Government and the wider public sector.
Commissum’s admittance to the scheme is a testament to the high quality of Commissum’s processes, outputs and penetration testing staff.
CREST developed the STAR framework to deliver controlled bespoke, intelligence-led cyber security testing, incorporating advanced penetration testing and threat intelligence services to replicate cyber security threats more accurately to critical assets. The framework ensures that all intelligence-led penetration tests, or Red Team engagements, conducted by an accredited company are up to standards imposed by regulators.
Gaining STAR status ensures we are accredited as an expert organisation and our processes are independently validated – a further enhancement to our comprehensive offering.
Holding CREST SOC accreditation demonstrates to clients and other stakeholders that Commissum services delivered from the SOC meet industry and regulatory standards, and professionals are highly skilled, knowledgeable, and competent. SOC practitioners are further certified to individual CREST certifications themselves, along with many other academic, industry, and vendor-specific qualifications, meaning the people, process, and technology within the SOC are industry leading.
CREST SOC independently validates the quality and value of service that Commissum provides. Alongside our other accreditations, we can now be the sole source of security services to prospective and current clients.