As we are all too painfully aware in these times of enhanced risks from cyber-attacks, security breaches and data leaks, information security has to be taken seriously. Not only is the safeguarding of information, security assets and personal data sound business sense but it is also a legal and regulatory obligation especially for many businesses.
DWS are delighted to announce we have met the requirements for ISO/IEC 27001:2013: Information Security Management Systems Certification. To gain this certification, we have successfully demonstrated that we have identified and assessed potential security risks to confidential information and data we hold on our customers. We have also taken steps to ensure these risks are mitigated and that security controls are fit-for-purpose. This will ensure that every form of information we hold is protected and secure. As the internationally recognized Information Management System Standard, ISO 27001 helps DWS meet contractual requirements.
Why is this important?
The importance of an ISO 27001 audit cannot be over-emphasized for organizations that are technology-rich or heavily reliant on digital data storage or hold any other sensitive customer information. Risk-based approaches are vital for modern information security effectiveness. There are many ways to achieve security risk management, so a recognized standard puts formalities in place to ensure the right processes are followed and captured when the breach is realized.
In addition, part of implementing ISO 27001 includes a gap analysis to identify areas of the business that do not currently meet the standards of a quality ISMS. This ensures we can review whatever is already in place and identify areas that can be improved.
These standardized procedures are also easy to explain to staff as there is a process which can be followed, so explanation, documentation and tools are always the same and all this makes training new staff easier. The benefit of standardized procedures is that problems can be identified more quickly, issues are more easily detected and resolution can be put in place to ensure the issue doesn’t get repeated. This also relates to customer satisfaction levels, where quicker problem resolution means enhanced customer service levels and customer feedback mechanisms can be used to communicate what remedies are put in place to assist the customer.
We are delighted that we have received this certification to protect our company information and that of our customers.