27 Jul Security Audit Certifies Axess Systems with a Clean Bill of Health
Following an external audit by Alcumus ISOQAR, the leading UKAS accredited certification body, Axess Systems has received yet another clean bill of health from its latest ISO27001 Security Audit.
Heath Roberts, Operations Director at Axess Systems, goes through what this means to Axess Systems, and how it benefits all our clients and stakeholders.
“The annual ISO27001 security audit is something which always looms large on our calendar.
I’m not going to say we look forward to the audit; that would be a bit weird, as having seasoned auditors scrutinise every aspect of our security policies, processes, management systems, and people… is without a doubt stressful.
But at the same time, it is an incredibly valuable exercise. We find the feedback and thoughts from each auditor provides incredible insight into how we compare to best practice, and it also delivers an intense period of reflection of how we can do things better, which is only a good thing.
As a business, we must demonstrate our compliance in the world of Information Security. It is a fundamental part of helping to reduce risks associated with delivering our services and IT platform. And there is no better way in doing this than being certified to ISO27001.
Since 2018 when we took the decision to certify our Information Security Management Systems (ISMS) to ISO27001, we have never looked back.
We have seen our ability to work with more complex and larger clients including NHS Trusts, Local Governments, Universities and Banking expand to the point where we now manage significant parts of their IT infrastructure. And this would not have been possible without the confidence that ISO27001 brings.
Another thing we are rightly proud of is that since we were first certified back in June 2018, we have never received a non-conformity or a major non-conformity in any of our audits.
And following our latest audit, I’m pleased to say this has continued; not that we take anything for granted.
Given our responsibility of providing a secure IT platform, and critical IT support services to our clients we are always looking at ways to improve and develop our ISMS.
And this commitment to improvement never stops, so when using Axess Systems our clients can be sure we take Information Security and the protection of their information, just as importantly as they do.”
ISO27001 is the international standard for Information Security Management Systems (ISMS). There is common misconception that ISMS just covers cyber security, but it is far more encompassing.
ISO27001 covers the security of information in whatever form it is held, whether it is transmitted – on paper, electronically, by post or email, shown on films or even spoken in conversation.
Whatever form it takes, or means by which it is stored and shared, the standard helps to make sure it is always appropriately protected to assist with the preservation of:
Confidentiality – ensuring that access to information is appropriately authorised
Integrity – safeguarding the accuracy and completeness of information and processing methods
Availability – ensuring authorised users have access to information when required