Home
Cyber Security Certifications

Our certifications prove we take your security seriously.

We take your saftey and security seriously. We have a number of certifications which have been independantly audited by DAS, a UKAS audit body.

 

Audit Schedule

We undergo a lot of audits and while these can be disruptive to day to day operations they are necessary. Often we are asked when our next audit is due, so in order to aid in answering this question we made the decision to publish our audit schedule.

CertificationSummaryLast Audit
Cyber Essentials & Cyber Essentials PlusGovernment security baselineJanuary 2018
Data Protection & GDPRData ProtectionApril 2018
BS31111Cyber risk and resilienceMay 2018
ISO9001Quality managementAugust 2018
ISO27001Information SecurityAugust 2018
Penetration TestInternal & external penetration testSeptember 2018
ISO17025Calibration of Penetration Testing toolsOctober 2017
FinancialFinancial healthNovember 2017

 

Certificates

ISO27001

ISO/IEC 27001 is an information security standard, part of the ISO/IEC 27000 family of standards, of which the last version was published in 2013, with a few minor updates since then. It is published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) under the joint ISO and IEC subcommittee.

ISO/IEC 27001 specifies a management system that is intended to bring information security under management control and gives specific requirements. Organizations that meet the requirements may be certified by an accredited certification body following successful completion of an audit.

PDF

 

ISO9001

The ISO 9000 family of quality management systems standards is designed to help organizations ensure that they meet the needs of customers and other stakeholders while meeting statutory and regulatory requirements related to a product or service. ISO 9000 deals with the fundamentals of quality management systems, including the seven quality management principles upon which the family of standards is based. ISO 9001 deals with the requirements that organizations wishing to meet the standard must fulfil.

PDF

 

CREST

CREST is an international not-for-profit accreditation and certification body that represents and supports the technical information security market.

PDF

 

ISO17025

ISO/IEC 17025 General requirements for the competence of testing and calibration laboratories is the main ISO standard used by testing and calibration laboratories. In most major countries, ISO/IEC 17025 is the standard for which most labs must hold accreditation in order to be deemed technically competent. In many cases, suppliers and regulatory authorities will not accept test or calibration results from a lab that is not accredited. Originally known as ISO/IEC Guide 25, ISO/IEC 17025 was initially issued by the International Organization for Standardization in 1999.

While we are fully compliant with all of the requirements of ISO17025, we are awaiting an audit body with in the UK who can competantly audit a cyber security firm against the standard. To date, there are none.

 

Cyber Essentials Plus

Cyber Essentials helps you to guard against the most common cyber threats and demonstrate your commitment to cyber security.

PDF