The road to ISO 27001 certification - is it worth the effort it demands?
We are thrilled that we have recently been awarded the ISO 27001 certification - the international standard that provides a framework for Information Security Management Systems (ISMS) to implement continued confidentiality, integrity, and availability of information as well as legal compliance.
We know that ISO certification matters. It demands us to have a clear oversight of how we capture, process and store information and therefore enables us to be trusted by all those who work with or for us.
However, when considering whether we should embark on the ISO journey, a few questions were raised:
- Do we really need it – what is its value?
- It is a huge admin lift – can we do this and ensure we don’t detract from our client focus and programme delivery?
- Surely this is for big corporates – what’s the relevance to us?
There were two ways we could tackle the ISO challenge; we could either see it as a tick-box exercise or we could embrace it as an opportunity to grow – as a team and as a business. The questions were all relevant, but we had grown significantly over the past couple of years, so we knew our processes needed a review and refresh. We took the second option.
Fast forward to the successful conclusion of our assessments, and we can look back knowing we made the right choice. Being open to change, collaborating and questioning why and how we do things, as well as what we do, resulted in us growing as a team and ensuring that we are fit for our next period of growth.
And it gives us something of which we are justifiably proud. It proves our commitment to the highest standards of data protection and positions us in the top echelon of organisations globally when it comes to information security practices.
‘I look back to the certification process with real pride. This journey wasn’t easy; it was never about ‘just getting certified’. We embraced the opportunity to be the best partner to our clients and the best employer to our team, one they can trust with their information in the knowledge of the level of commitment we place on it. It was a complete team effort and whilst having the ISO stamp of approval is key, we achieved so much more!’, says Caroline Hodson, Managing Director at WoolfHodson.
At WoolfHodson we hold ourselves to high standards; we are trusted by leading global organisations. The ISO 27001 certification is a validation of that trust and gives our clients, our partners and our team the peace of mind that whether working with or for us, their information is in good hands.
Janine Carlson, Operations Director at WoofHodson added: ‘We did it! It’s a fantastic achievement for our team and one that highlights the values we stand for – being united in our shared passion to constantly improve, both when it comes to how we work with our clients and with each other.’
