Vaultium has led and successfully managed the information security accreditation (ISO/IEC 27001 certification) for a leading UK-based not-for-profit organisation.
ISO/IEC 27001 requires that the management:
- Systematically examine the organization’s information security risks, taking account of the threats, vulnerabilities and impacts;
- Design and implement a coherent and comprehensive suite of information security controls and/or other forms of risk treatment (such as risk avoidance or risk transfer) to address those risks that are deemed unacceptable; and
- Adopt an overarching management process to ensure that the information security controls continue to meet the organization’s information security needs on an ongoing basis.
Some of the business benefits of implementing ISO 27001 included:
- Compliance with legal, regulatory, and statutory requirements
- Market differentiation, improved company reputation and greater potential for increasing sales
- Increase in efficiency, governance and operational performance
- Minimizes internal and external risks to business continuity
- ISO 27001 certification is recognized on a worldwide basis
- Significantly limits security and privacy breaches
- Provides the organisation with continuous protection that allows for a flexible, effective, and defensible approach to security and privacy
