, the global leader in information security and ISO 27001-compliance expertise, has announced that Esri
UK has successfully achieved certification to ISO 27001 with the help of IT Governance’s consultants.
As a major provider of enterprise-wide geographic information systems (GIS), Esri UK’s main drivers, on embarking on the project, were to meet compliance requirements, adopt information security best practice and differentiate themselves from competitors.
Nick Rigby, non-Executive Director, Esri UK said, “Like many organisations that pursue standards-compliance and certification, our initial drivers came from Government in terms of contract requirements. Having previously gained ISO 9001 certification we embarked on the process of gaining ISO 14001 and, more recently, on ISO27001. We evaluated the benefits of an international management systems standards-based approach and found that it brought us significant benefits in addition to the tick-in-the-box aspect when tendering.
Rigby added, “Furthermore, at IT Governance’s suggestion, using PAS 99 we adopted an Integrated Management System (IMS) approach to this work. We now believe that a management systems approach is helping us to grow our business through the development of processes and procedures based on the ISO standards frameworks that we have successfully adopted, which will also, soon, include ISO 20000.”
Steve Watkins, Director – Consultancy & Training at IT Governance, said: “We are delighted that with our help Esri UK managed to achieve ISO 27001 certification ahead of schedule. For some ISO 27001 seems to be an impossible challenge, but if supported by management as in Esri UK’s case, and coupled with the necessary skills and knowledge, success is only a matter of time.”
Nick Rigby said, “At the outset we knew that ISO 27001 was no picnic in the park, but the knowledge that we had IT Governance consultants to guide us made the job very do-able. They have helped well over 100 clients to gain certification. After that amount of practical experience, their people knew what we needed.
As part of the consultancy package IT Governance delivered ISO 27001 Foundation
and ISO 27001 Lead Implementer
training courses to Esri UK’s members of staff which the client found to be ‘very valuable.’
Additionally, the ISO 27001 Comprehensive ISMS Toolkit
helped Esri UK save a great deal of time when creating the required ISO 27001 documentation. For the comprehensive risk assessment, which is often the most complex part of the project, Esri UK’s team used vsRisk™
– a specialist ISO 27001 information security risk Assessment software tool.
IT Governance provides consultancy services on management systems implementation and compliance including ISO 27001
, ISO 9001
, ISO 22301
, ISO 20000
and other standards.
To download the Esri Case Study, visit: www.itgovernance.co.uk/media/case-studies/esri.aspx