We take your safety and security seriously. We have a number of certifications which have been independently audited by DAS, a UKAS audit body.
We undergo a lot of audits, and while these can be disruptive to day-to-day operations, they are necessary. We are often asked when our next audit is due, so to help answer this question we decided to publish our audit schedule.
|Audit|Area|Date|
|---|---|---|
|Cyber Essentials & Cyber Essentials Plus|Government security baseline|January 2018|
|Data Protection & GDPR|Data Protection|April 2018|
|BS31111|Cyber risk and resilience|May 2018|
|ISO9001|Quality management|August 2018|
|ISO27001|Information Security|August 2018|
|Penetration Test|Internal & external penetration test|September 2018|
|ISO17025|Calibration of Penetration Testing tools|October 2017|
|Financial|Financial health|November 2017|
ISO/IEC 27001 is an information security standard, part of the ISO/IEC 27000 family of standards, of which the last version was published in 2013, with a few minor updates since then. It is published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) under the joint ISO and IEC subcommittee.
ISO/IEC 27001 specifies a management system that is intended to bring information security under management control and gives specific requirements. Organizations that meet the requirements may be certified by an accredited certification body following successful completion of an audit.
The ISO 9000 family of quality management systems standards is designed to help organizations ensure that they meet the needs of customers and other stakeholders while meeting statutory and regulatory requirements related to a product or service. ISO 9000 deals with the fundamentals of quality management systems, including the seven quality management principles upon which the family of standards is based. ISO 9001 deals with the requirements that organizations wishing to meet the standard must fulfil.
CREST is an international not-for-profit accreditation and certification body that represents and supports the technical information security market.
ISO/IEC 17025 General requirements for the competence of testing and calibration laboratories is the main ISO standard used by testing and calibration laboratories. In most major countries, ISO/IEC 17025 is the standard for which most labs must hold accreditation in order to be deemed technically competent. In many cases, suppliers and regulatory authorities will not accept test or calibration results from a lab that is not accredited. Originally known as ISO/IEC Guide 25, ISO/IEC 17025 was initially issued by the International Organization for Standardization in 1999.
While we are fully compliant with all of the requirements of ISO17025, we are awaiting an audit body within the UK who can competently audit a cyber security firm against the standard. To date, there are none.
Cyber Essentials Plus
Cyber Essentials helps you to guard against the most common cyber threats and demonstrate your commitment to cyber security.