They’re not headline-grabbing, but agreed standards (such as ISO 27001) are, in fact, capable of changing the world for the better. We tend to hear about innovations that easily translate to visual and emotive news stories: from the moon landings to Boston Dynamics’ dancing robots. Yet the overlooked history of international standardisation contains major global breakthroughs.
The story really begins in 1946, with the formation of the International Organisation for Standardisation (ISO). The purpose was, and still is, to establish global consistency and help build a more collaborative world. One of the ISO’s first initiatives was ISO/TC 104, the worldwide standard for shipping container dimensions, which revolutionised international trade.
Why is ISO 27001 more than just more IT jargon?
Security standards may not catch the headlines, but data security breaches certainly do. An ISO 27001 certification is effectively a seal of approval saying that your organisation is compliant with information security best practices. For a company such as AccountsIQ, the ultimate goal of being ISO 27001 certified is to reassure our customers that we are taking all necessary steps to keep their data safe, secure and accessible.
As AccountsIQ’s CTO, Gavin McGahey, explains:
“A key part of the Certification was to first define the scope and the benefits we expect it to bring. That included a detailed risk management process to identify and assess internal and external risks. And to put measures in place to handle those risks if they occur.”
This risk assessment ensures we have the procedures in place to transfer and store data securely in compliance with our contractual obligations to customers. However, ISO 27001 goes further than that. It takes a holistic approach to information security to reduce the risk of human error in security breaches.
ISO 27001 requires that you build an ISMS (information security management system). An ISMS is best described as the methodology you use to ensure a high level of information security through defined processes and best practices. For AccountsIQ, this applies across our software design, development, customer onboarding and support phases.
ISO 27001 certification is not a one-off project. As Gavin explains, it’s designed to promote a security-aware culture, company-wide:
“Arguably the most significant ISO 27001 requirement is the need to continuously monitor, manage and improve security policies and controls. This ensures we are proactive rather than reactive, with an emphasis on anticipation and prevention. Regular audits to assess security and identify any areas for further improvement will help us to stay one step ahead of any threats and provide reassurance to existing and potential customers and partners.”
AccountsIQ is proud to be ISO 27001 certified. Everyone across the business is committed to protecting our customers’ data and the entire team undertakes regular information security training. We’ll leave it to Gavin to sum up the benefits of ISO 27001 for our customers and partners:
“ISO 27001 is the internationally recognised standard for information security and Cloud compliance. To achieve this certification, AccountsIQ’s systems and policies were rigorously tested against international standards. This certification provides proof and reassurance to our customers that we are maintaining the highest level of security and data integrity across the business.”
Find out more about how we protect your data
Find out more about AccountsIQ’s ISO 27001 Information Security certification and how we take every precaution to protect our customers’ data.