Certification Europe has recertified IT Governance to the international information security standard ISO 27001 in a certification that, most importantly, also references BS 10012:2017, a world first.
Through this, IT Governance has achieved what few organisations worldwide can: alignment with a comprehensive privacy compliance framework that provides a robust level of assurance to its customers and suppliers.
This was made possible during a recertification audit of its ISMS (information security management system) against the requirements of ISO/IEC 27001:2013. The audit was conducted by Certification Europe, which also found that IT Governance conforms with the requirements and controls contained in BS 10012:2017, the standard for a PIMS (personal information management system).
Alan Calder, founder and executive chairman of IT Governance, said: “This is a huge milestone for the company as we continue to demonstrate that we have taken the necessary steps to develop and implement a best practice PIMS. In such an increasingly regulatory environment, IT Governance is proud to exceed its clients’ expectations for complete transparency, increased operational efficiency and full compliance.”
Although over 33,000 organisations globally have achieved accredited certification to ISO 27001, BS 10012 is a relatively new standard and, to date, no accredited certification scheme exists for it. Since BS 10012 has been developed to align with other management systems such as ISO 27001, it was a logical approach to incorporate its controls into the ISMS. Certifying to ISO 27001 in conjunction with BS 10012 enables organisations to demonstrate compliance not only with the privacy elements of the GDPR (and similar laws), but also with its information security requirements, referred to as the technical and organisational measures required by Article 32 of the GDPR.
What is BS 10012?
BS 10012 is a British standard that outlines the specifications for a PIMS. The framework has been developed to help organisations comply with the data protection requirements imposed by laws such as the GDPR. You can find more information here.
What is ISO 27001?
ISO 27001 is an international management standard that provides a proven framework for managing information security, using an integrated set of recommended policies, procedures, documents and technology in the form of an ISMS. Find out here how ISO 27001 can help you comply with the GDPR.
To find out more about how IT Governance can help your organisation implement an ISO 27001-compliant ISMS, please visit the website, email firstname.lastname@example.org or call +44 (0)333 800 7000.