Following the successful completion of a two-stage audit process, Capital Support has demonstrated its commitment to information security by achieving its ISO 27001:2013 accreditation.
In late 2014 Capital Support took on a Chief Information Security Officer, Simon Rozario. One of Simon’s primary objectives has been to support the business in achieving its ISO 27001:2013 accreditation, and – following a period of extensive auditing – we are proud to have reached this key business goal.
What Is ISO 27001:2013?
ISO 27001:2013 is an information security standard that helps organisations to identify the following:
- What assets should be protected?
- What are the risks to the assets and how much risk can you accept?
- What controls do you need to protect your assets?
- Do the controls work?
- Do you carry out a risk assessment in your organisation; do you review the threats and vulnerabilities?
By achieving ISO 27001:2013 accreditation, businesses demonstrate the effectiveness of their information risk management policies and procedures.
The Importance of ISO 27001:2013
Achieving ISO 27001:2013 has been a significant undertaking for Capital Support, requiring extensive investment in the development of our people, processes and systems. The decision to work towards ISO 27001:2013 was taken by Capital Support’s Executive Board on the basis that it will deliver important benefits to the business and its customers:
- Reassuring Customers: through achieving ISO 27001:2013, we are providing reassurance to customers. This is true for all customers, from those who host their environments within our Private Hosted Infrastructure to those for whom we provide Field Services Engineers to support their internal IT functions.
- Safeguarding Our Future: ISO 27001:2013 isn’t only important for our customers – it’s important to us as a business, as well. By investing in our security we are effectively investing in our future, ensuring that potentially damaging security risks are mitigated through the effective combination of people, processes and systems.
Carl Chapman, Capital Support’s Chief Operating Officer, explains that “achieving the ISO 27001:2013 accreditation has been a key strategic goal for us. Our customers demand high levels of security and internally we put a lot of pressure on ourselves to ensure that everything we do remains in line with recognised security best practices. As governance in the financial services market increases exponentially I strongly suspect managed service providers will be expected to have this accreditation by default.”
The journey to ISO 27001:2013 accreditation has been an important one, and Capital Support is stronger as a business for it. If your providers aren’t taking a similar journey, we’d be inclined to ask ‘why not?’ Feel free to contact us to find out more about ISO 27001:2013 and how it supports us in providing secure, effective services to our customers.