Helping Information Assets Stay Secure: Vision Achieves ISO 27001 Certification

ISO 27001

Vision is delighted to have achieved an ISO 27001 certification, outlining its responsibility to keeping information and digital assets secure.

The ISO 27001 standard ensures that information such as employee details, intellectual property, financial information or information entrusted by third parties is held securely and safely stored.

Benefits of this certification include increased reliability and security of systems and information, improved customer and business partner confidence, increased business resilience, alignment to customer requirements and improved management processes and integration with corporate risk strategies.

The process of ISO 27001 involves a period of stringent assessment. Initially, an auditor will be in touch to go through an audit plan then an initial assessment takes place and a report created which outlines the steps for improvement. Finally, the auditor visits the business to establish whether the company’s management systems and processes meet the desired objectives and requirements needed in order to meet the standard.

A number of high-profile cases the world have recently highlighted the reputational damage and financial consequences that businesses can face if information that is private gets into the public domain.

For example, since the introduction of GDPR (General Data Protection Regulation) the maximum fine a company could pay in the event of a data infringement is up to €20 million or 4% of the company’s global annual turnover, whichever is greater.

The benefits of the ISO 27001 standard can help an organisation to avoid huge fines and financial losses resulting from data breaches, protects a company’s reputation, improves structure and focus, and shows that a company is compliant with business, legal, contractual and regulatory requirements.

Achieving the ISO 27001 has illustrated how Vision protects its information from getting into unauthorised hands as well as proving the information Vision holds is accurate and modified only by users authorised to make any changes to this information. It also proves how Vision has assessed any risks and mitigating factors to control, reduce or lower the impact of an information breach.

Equally, any audits are independently assessed to an international standard based on industry best practices.

Vision Group Assurance and Compliance Manager, Dianne Hill, said: “We take our responsibilities to information assets extremely seriously at Vision, as we do all of our working practices.

This certification proves we have invested in all aspects of business, legal, contractual and regulatory requirements and it proves to our suppliers, customers and stakeholders that we have a robust information governance and business continuity plans for our ICT systems which should give them greater confidence when dealing with us.”