At AccountsIQ, we take every precaution to protect our customers’ data. That’s why we’re proud to announce we have achieved ISO 27001 certification.
What is ISO 27001?
ISO 27001 is an internationally recognised standard that helps organisations establish and maintain an effective Information Security Management System (ISMS). In other words, it is a way of making sure organisations are managing information security risks and data effectively. Crucially, it also provides reassurance to our customers that AccountsIQ is taking all necessary steps to keep their data safe, secure and accessible.
AccountsIQ’s CTO, Gavin McGahey, says:
“ISO 27001 is the internationally recognised standard for information security and Cloud compliance. To achieve this certification, our systems and policies were rigorously tested against international standards. It proves that we are maintaining the highest level of security and data integrity across the business.”
ISO 27001 certification is a rigorous process that includes (but is not limited to):
- Scoping and establishing company-wide information security policy, controls and protocols
- Identifying and systematically assessing all internal and external risks to information security
- Defining security roles and responsibilities
- Defining and establishing controls to mitigate and manage risks
- Scoping supplier and partner security policies
- Establishing incident management and business continuity processes
- Implementing company-wide security skills training.
Arguably the most significant ISO 27001 requirement is the need to continuously monitor, manage and improve security policies and controls. This is to ensure they remain secure in the face of new and evolving technologies. As Gavin McGahey explains:
“ISO 27001 encourages a continual improvement approach to information security risks. It ensures we are proactive rather than reactive, with an emphasis on anticipation and prevention. Regular audits to assess security and identify any areas for further improvement will help us to stay one step ahead of any threats and provide reassurance to existing and potential customers.”
Our ISO 27001 certification is valid for three years, but we will be assessed annually. As Gavin concludes:
“This certification is additional proof of our commitment to protecting our customers’ data. Everyone across the business takes this seriously. We have trained the entire team in our compliance protocols and their specific information security responsibilities.”
Find out more about our Cloud compliance and security policies.