ISO 27001 Certification – who needs it?

It’s becoming an increasingly essential part of due diligence that a data controller, when appointing a data processor, will ask one simple question:  “Do you have ISO 27001 Certification?”  Given that data controllers are the liable parties for any data breaches or lack of compliance, they need to be certain their data is to be processed safely.  So if the answer is “no”, the processor is unlikely to win the contract unless they have some other extraordinary and unique competitive advantage.

I was going to write a blog about why ISO 27001 certification is so important.  Then I thought it would be simpler just to show you.  It’s all about protecting your business from potential breaches.

2014 global breaches infographicFrom the stats above, taken from  the 2014 Year of Mega Breaches and Identity Theft, it’s clear to see:

  • the US is clearly the largest target, but UK has second largest number of breaches
  • retail organisations suffered the greatest volume of data loss in 2014
  • only 4% of data breaches involved encrypted data – an astonishing statistic which tells us:
    • encrypted data is harder to breach
    • given the critical nature of encryption in data protection, the sheer volume of unencrypted data is staggering – too many organisations are simply not taking the most basic of steps to help keep their data secure

ISO 27001 is an international standard for data security management, providing a risk-based approach to data security that involves a data governance standard that is embedded throughout the business covering processes, technology, employees and training.

In the past, obtaining ISO 27001 certification has been a time-consuming, arduous and costly exercise.  Now, however, the whole process of creating the gap analysis, providing robust policies and procedures, and obtaining certification can be made much simpler.

If you’d like to know more about getting ISO 27001 quickly, simply and cost-effectively, please get in touch on 01787 277742 or email victoria@datacompliant.co.uk – we’ll be happy to have a chat and answer your questions

Services at December 2014

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s