IT Governance and DNV BA experts speak about ISO27001 at the CBI

First in a series of joint ‘ISO27001 Workshop’ events held with Certification Bodies opens to a packed house.

It was 09:30 am on the 26th February. Venue: the CBI Conference Centre at Centre Point in London. In the room were gathered 50 senior managers from UK industry.

As I stood to welcome the delegates attending our ‘Information Security Workshop – Practical Guidance for Senior Managers’, held jointly with DNV Business Assurance, I realised that ISO27001 has become mainstream. “If anyone on your Board says that ISO27001 information security is of no interest to your customers, suppliers and stakeholders…,” I said, surprised at my own boldness so early in the day, “…then, remember this moment. Look around you: the room is full to capacity. There is interest – both in here… and out there!”

And it was true. Days before the event, we had to put a red flash on our site advising those who wanted to book that this Event was full and we were no longer accepting bookings – please enquire about future ISO27001 events for senior managers (in the advanced planning stages) and register your interest in attending. We often fill our popular ISO27001 training courses – particularly Foundation and Lead Implementer, but achieving the same for this practical Workshop and shop window for our consultancy services was not anticipated to be a ‘C-suite magnet’.

And yet, the leaders of FT500 names were there at the beginning – and the end!

So why now? Why is ISO27001 proving to be such a draw for organisations with a national and international profile – for there were major names in our audience – and smaller enterprises, whose senior managers were enthusiastically registering from the time that we posted our page with the details? Perhaps because this ISO management system is the one that all entities need to trade safely and securely?

Paul Breslin of DNV and Alan Calder of IT Governance made the key point in their talks that Standards help organisations to be more successful and more profitable.

Ralph O’Brien of IT Governance then talked the delegates through a short case study involving Tribal, a leading provider of systems and solutions to the education, training and learning markets. This was followed by a case study on achieving ISO 27001 certification in the Financial Services sector, delivered by the DNV BA team.

Workshop Round-table discussions on certification and consultancy took place in the afternoon (see Twitter pic) moderated by DNV BA and IT Governance respectively. The majority of participants chose to join in both Workshop sessions, which were then followed by one-to-one expert advice ‘surgeries’ conducted by IT Governance consultants and DNV representatives, during which delegates could ask questions.

During the day, it became clear from delegate comments that if you can show the marketplace that you’re using the ISO27001 standard properly‚ you can attract better customers‚ participate in wider supply chains and reassure stakeholders about how well run your organisation is. To get that recognition‚ and to make sure that the standard is being used correctly‚ accredited certification is generally seen as a major plus. That means calling in a third party certification body (CB) to check how the standard is being applied. If it‘s being used effectively‚ the CB issues a certificate. The organisation can then publicise itself as ‘certified’ to the standard and enjoy all the benefits that brings – which was felt to be a compelling reason to adopt ISO27001. Improving cyber security to reduce risk and minimise loses was also important, but as one delegate said: “We want to win business through Trust.”

The second in a series of dedicated Information Security workshops is due to take place in Swindon on Thursday 18th April, at an event held jointly by IT Governance and another UKAS-accredited certification body, Certification International (CI).

The venue this time will be the Sir Daniel Gooch Theatre and Balcony at STEAM – The Museum of the Great Western Railway. A payment of £35+VAT per delegate is needed to secure your place at the event. You are advised to make your bookings as early as possible as we anticipate heavy demand for tickets in the South West.

Register online or call: 0845 070 1750. This is a rare opportunity to participate in a day of highly-informative talks, practical workshops and one-to-one advice sessions to learn how your organisation will benefit from ISO27001 information security and the steps that you need to take to implement/maintain your ISMS – don’t miss out!

For more information on how to plan your cyber security defences based on ISO27001 and keeping your business safe, download our free ‘green paper’ here >>