GDPR was designed to modernise laws that protect the personal information of individuals, whilst ISO 27001 information security standard, published by the International Organization for Standardization (ISO), specifies an information security management system (ISMS) with 114 controls to manage risks, with annual audits to ensure compliance with the standards. The ISMS is a framework of policies and procedures that includes all legal, physical and technical controls involved in an organisation's information risk management processes.
Information and cyber security are on the top of the list of priorities. The main reasons for companies to obtain ISO 27001 certification is to bolster business integrity with customers, investors, partners; reducing the occurrence of risks associated with the threat to information security and increasing confidence in the services provided. In the UK it is increasingly becoming a prerequisite or a closer for securing contracts, a practice adapted from public to private sector, from small companies to worldwide corporations.
Certification is key, especially for outsourced service companies, as it demonstrates the maturity of the company, its understanding of the importance of business continuity, and guarantees the safety of customers' intellectual property.
Tech industry in particular cannot afford to ignore something so integral to their operations. Arcadia, a multi-million pound company working extensively with Fortune 500 companies designing and building custom software, recently acquired the ISO certificate. For a company specializing in complex web solutions, big data, AI and machine learning, it is a natural move.
Natalia Elfimova, Managing Director at Arcadia, explains the importance: "With 30% of Arcadia's business being in the UK, we felt it was important to get certified specifically by British Standards Institute (BSI). As a leading outsourced custom software provider across several security critical industries such as pharmaceuticals, education, transport, etc., the ISO 27001 certification ensures the reliability of our information security management system."
High level of competency in protecting and managing the clients and company data is undoubtedly the key to success in the modern world.
For more information about Arcadia, contact
Dmitri Adov, Technical Director