Asckey successfully completed the ISO 9001:2008 and ISO 27001:2013 recertification and interim audit in 2016. The audit was successfully completed with no non-conformities identified.
ISO 9001:2008 requires organisations to have a robust quality management system. This must demonstrate a consistency in providing products and services that meet both customer and relevant statutory and regulatory requirements. Compliance ensures increased operational efficiency, improved documentation, fewer customer complaints, and greater employee awareness.
It enhances customer satisfaction through effective systems application, including processes for continual improvement and the assurance of system conformity. ISO 9001:2008 requirements are generic and applicable to all organisations, regardless of type, size and product/service provided.
The ISO 27001:2013 standard certifies that Asckey has the required information security controls in place to protect client data. It also acknowledges an organisations extensive range of comprehensive, data security standards and processes in place across the whole organisation.
ISO 27001:2013 is the most stringent certification for information security controls; it provides a guarantee that organisations have adequate information security procedures and risk assessment processes in place to prevent and defend against potential data breaches.
All of our quality management systems and organisational structures are regularly audited by IMS International, a leading ISO certification body specialising in the quality and safety of a wide range of industries, products, processes and systems.
All of Asckey’s processes have been specifically designed to accurately identify and address data security risks. Such processes are in place to ensure our clients’ confidential data remains secure, an on ongoing process which is as part of our wider quality policy. Trusts require service providers to provide robust, quality systems that can deal with sensitive data and that are backed by professionally verified data protection procedures.