What is ISO 27001 and why is it so important?

Here at Vitanium we have recently become ISO 27001 certified, which is excellent news for us, but what does that actually mean for you and your customers?

It is an internationally recognised standard

ISO is the International Organisation for Standardisation. Yes, it looks like it should be IOS in that case, but as it is international, the acronym would change in every language. ISO actually comes from the Greek word ‘isos’, which means equal.

ISO has been around for over 70 years, setting the standard for excellence across many different industries (with 28,000 different standards!), so it has a fantastic history and reputation. Vitanium have been ISO 9001 certified for a while, which is a great quality management certification and helps to keep our business first class. ISO 27001, however, is specific to the security industry, containing a lot more rules, processes and procedures to ensure we are reaching another level of professionalism, specialised to our sector.

It lays out the security framework and sets controls

ISO 27001 certification provides a framework that covers a wide range of topics, including HR security, security policies, incident management, business continuity and much more. With Vitanium’s certification you can be assured that our Information Security Management Systems (ISMS) are in line with the highest recognised standards, giving you and your customers confidence that we have considered and implemented the top security and risk management practices.

It proves we are mitigating risks

Speaking of risk management, this is how most of the topics covered by ISO 27001 are addressed. Potential threats and issues are identified and then controls are implemented to mitigate these risks. Following the ISO framework means that you can be certain that we have covered all legal, physical, and technical risks and implemented controls to mitigate or completely nullify them. (Not that we weren’t already, of course; it’s just official now!)

It ensures continuous improvement

That’s right, it isn’t enough to just hit the standard and cruise from there. In order to keep our ISO 27001 certification we have to be audited by an independent ISO auditor every year and demonstrate what we have done over that year to improve our ISMS. On top of that, ISO 27001 is regularly revised, meaning we will also need to prove our compliance with any new updates. This proves that Vitanium are dedicated to providing the best security, the best risk management and the best service to you and your clients, forever.

In conclusion

The main point of ISO 27001 for you and your customers is that it inspires confidence. Confidence that you are working with a company that has, and always will have, the best practices in place when it comes to security.