ISO27001 may not mean that much to you at the moment but it is rapidly becoming a “badge of honour” for organisations that manage or have access to confidential client data.
Martin King-Turner, Director at The National B2B Centre, reveals why he believes that ISO27001 accreditation will become a required entry on your proposal or tender in the near future.
Consider the phrase “organisations that manage or have access to confidential client data.”
What’s really interesting is how many organisations fit that description without realising it. It’s not just about hospitals or social media companies. How about business travel agents, locksmiths, bailiffs, accountants, printers and recruiters?
These aren’t vast bureaucracies but often ordinary businesses or organisations that have recognised that they have access, quite reasonably, to important, private business or personal information. They know that they have legal, financial and ethical responsibility to ensure that they handle that data as carefully as they can. What they have also seen is that taking the right approach to data security is also a great opportunity to generate more business. And ISO27001 provides a route towards achieving those additional rewards.
So what is ISO27001 and what will it do for you?
ISO27001 is an internal information security standard used to accredit Information Security Management Systems (ISMS) i.e. how you look after sensitive or valuable information (your own or your clients’). Having an ISMS in the first place is important because it means you are proactively identifying, managing and minimising threats to that information. And relax, most businesses do have at least some elements of an ISMS in place in the form of different policies and procedures. It just may need upgrading.
Achieving ISO27001 accreditation of your ISMS is a gold plated way of communicating your data security credibility to clients and stakeholders. Remember that their awareness of the need to protect their important information is heightened on an almost daily basis by news of hacks, leaks, fines and business losses. Eventually they will come knocking on your door expecting some proof of your commitment to their security; today you still have the chance to make the first move.
ISO accreditation is only for the big-boys, right?
Now we realise that for some of you the mere mention of the phrase “ISO standard” will conjure up images of mountains of paperwork and dealing with days of grilling by auditors. Fortunately that is no longer the case because the National B2B Centre is in a position to guide you through the process quickly and with the minimum of pain.
The key to success is working out which parts of the standard are actually applicable to your particular business. Our ability to identify only the relevant sections and provide optimised submissions relevant to your sector or your size of organisation, will both reduce the paper chase and make the all-important audit easier to comply with.
At the end of it all you will get the opportunity to cement your relationship with existing clients and then reach out to a brand new audience with a heavy duty proposition in hand. Think of the competitive advantage that you can generate over those rivals who don’t even bother doing back-ups yet.
By way of an example the B2B Centre recently guided AdvanceTrack Outsourcing, providers of outsourcing services for professionals in both accountancy firms and corporates, through the accreditation process. Managing Director, Vipul Sheth, was pleased with both the process and the results:
“The B2B Centre team reduced the complexity of achieving ISO27001 accreditation, which saved us time and money. Having this independent validation is providing customers with further confidence that we are the partner of choice when it comes to data security and quality.”
What to do next
If you have had the sudden realisation that your business is trusted with access to confidential or detailed client information, and you want to a/ handle it better and b/ turn this into a new opportunity call me today on 02476 620158 or email email@example.com.
Let’s have a confidential discussion to work out the next steps.