This latest standard, which supersedes the now outdated ISO 27001:2005, places far more emphasis on setting objectives, monitoring performance and metrics. There is less reliance on a business identifying preventative actions, with actions to address risks and opportunities as they become apparent of greater importance.
Customer Services Director at Quiss, Ian Harrison, who led the team delivering the necessary processes to achieve accreditation commented: “We believe we are the first IT services provider in the UK to achieve this accreditation and it’s hugely satisfying, given the hard work put in by everyone in the business, from field engineers to the data centre team.
“This new standard is a huge step from the old one. This isn’t just about data security though, it looks at the business as a whole, considering our financial strength and any commercial risk to our clients, whilst ensuring everyone in the business is aware of their responsibility to protect clients’ data.
“We have worked with sensitive data for many years and so the stringent new procedures required to keep data secure came as no surprise, given our previous involvement with PCI/DSS. However, it was still enormously gratifying that whilst undertaking our assessment, Alcumus ISOQAR noted; ‘there were no major non-conformances identified during the audit’.
“Given the growing reliance on Cloud solutions and the transmission of large volumes of sensitive data over the Internet, it is imperative that clients can have complete confidence in the ability of their service provider to manage and store data securely.
“Now the initial excitement over Cloud services has passed we expect customers to be far more selective in the service providers they choose. As a UK-based, independent, privately-owned business that owns and manages its own data centre, we are experiencing a surge in interest in our hosting services; Public, Private and Hybrid. And this ISO 27001:2013 accreditation stands testament to our commitment to delivering a standard of service that few, if any, of our competitors can currently match.”
In what was a very detailed report, Alcumus ISOQAR also noted; ‘Quiss has set up an effective Information Security Management System (ISMS) that meets all the requirements of ISO 27001: 2013. The implemented ISMS is operating effectively and there is evidence of the management’s commitment and continuous improvement through training, awareness and improved incident reporting.
Quiss Technology, established in 1988, is a Microsoft Gold Certified Partner operating from headquarters in Tamworth and offices in London, currently employing around 80 full time staff.