We might have been in lockdown but that hasn’t stopped our Information Security and Compliance Team pushing ahead with annual audits and security enhancements. We attach great importance to these areas – they are integral to our operation and we work hard to meet and exceed customer expectations and assurances, particularly around online payment solutions.
At the height of lockdown all ISO audits and annual penetration tests were due, and these would normally involve external auditors visiting us and reviewing our systems and controls.
Things were far from normal – our head office was shut, we’d instigated our business continuity plan and like most other companies, we were working from home supporting our customers.
In agreement with our auditors and the United Kingdom Accreditation Service (UKAS), we decided to conduct remote desktop audits. Whilst this approach presented challenges it was also an opportunity to demonstrate what was possible and to thoroughly test our business continuity plan.
From the auditor’s living room to the homes of our own team, our processes, controls and policies were rigorously reviewed and we’re happy to say we achieved re-certification in all ISO standards for another year.
Our own Quality Manager was involved throughout and reports that his wife, who was also working from home, was very patient and understanding of the many conference calls that took place however a new ‘doors closed and headphones on rule’ was agreed after the first hour of audit one!
In an ever-changing environment we’re constantly looking for ways of improving and work closely with our customers to ensure we satisfy their quality and security requirements. In fact, our list of accreditations is often a contributing factor in us being the chosen partner for many of our customers.
Next up is our annual PCI-DSS Service provider assessment and with any luck, we’ll welcome the assessor in person!
The list of our accreditations is below and copies of certificates are available to clients and potential customers upon request. We’re also happy to share details of the many controls and processes we have in place:
- ISO 27001 – Information Security Management
- ISO 9001 – Quality Management
- ISO 14001 – Environmental Management
- OHSAS 18001 – Occupational Health & Safety Management
- PCI-DSS – Level One Service Provider
If you’d like to hear more about our solutions and how we could help you transform your business operation in the post-pandemic environment, contact us on firstname.lastname@example.org