Asckey Data Services Ltd fully recognises the importance of quality standards in all aspects of its operation. Focusing on quality makes for a leaner, fitter organisation to better progress towards continual improvement of business performance. To fully embrace this philosophy, we have pursued and gained ISO 9001:2008 and 27001:2013 certification in order to continually improve our business practices for the benefit of our clients.
ISO 9001:2008 certification is suitable for all sizes and types of organisations and is well established around the world as an invaluable Quality Management System standard. It benefits organisations in all industry sectors and helps organisations to improve management processes.
The process encompasses the entire organisation and requires senior management buy-in. To achieve ISO 9001:2008 certification organisations need to demonstrate that they can meet the regulatory requirements and apply the system effectively so to be of real benefit to our customers.
Asckey were first awarded ISO 9001:2000 in 2005. Certification is kept current by external annual audits, and a tri-annual re-certification audit. Our current ISO 9001:2008 certification is based on eight quality management principles all fundamental to good business practice:
- Customer focus – organisations depend on their customers and therefore need to shape activities around the fulfilment of market need.
- Leadership is needed to provide unity of purpose and direction.
- Involvement of people creates an environment where people become fully involved in achieving the organisation’s objectives.
- Process approach to achieve organisational objectives, resources and activities need to be managed as processes, with an understanding of how the outputs of one process affects the inputs to another.
- Systematic approach to management: the effectiveness and efficiency of the organization depends on a systemised approach to work activities.
- Continual improvement – adopting this as a part of everyday culture is a key objective for an organisation.
- Fact based decision-making – effective decisions are based on the logical and intuitive analysis of data and factual information.
- Mutually beneficial supplier relationships – such relationships will enhance the ability to create valuue
The ISO 27001:2013 standard published in October 2005, is the specification for an ISMS, an Information Security Management System.
ISO 27001:2013 is the most stringent certification for information security controls; it provides a guarantee that organisations have adequate information security procedures and risk assessment processes in place to prevent and defend against potential data breaches.
Judged by independent accredited auditors, IMS International, the ISMS framework of policies and procedures includes all legal, physical and technical controls involved in Asckey’s information risk management processes.
Asckey gained their certification in 2015. Today in excess of a thousand certificates are in place, across the world. ISO 27001:2013 provides:
- Framework for information security policies and regulatory requirements
- Risk analysis and security measures for risk reduction
- Regulated management of Personal Idenfiable Data (PID)
- Focus on continuous improvement and process review
- Information security management regulation
- Common set of policies, procedures and controls in place to manage risks to information security
- Data protection, privacy and IT governance
- Certified data handling procedures
This new 2013 standard places emphasis on measuring and evaluating how well an organisation’s ISMS is performing. Originally published in October 2005, the standard was superseded in 2013 with a revised version. Today, in excess of a thousand ISO 27001:2013 certificates are in place around the world.
The standard requires commitment from participating organisations to set goals and rigorously monitor processes and seek ways to continuously improve. The standard provides a model for organisations to maintain a system for “establishing, implementing, maintaining and continuously improving an Information Security Management System (ISMS)”.
Asckey recognise the importance of data security and protecting data from security breaches is of utmost importance. Due to limitations on physical space and internal IT resources, organisations are increasingly looking to use external 3rd party providers for managed services such as N3 hosting and application development.
Achieving the ISO 27001:2013 standard certifies that Asckey has the required information security controls in place to protect client data. The award acknowledges Asckey’s wide range of comprehensive, data security standards and processes implemented across the whole organisation.
All of Asckey’s processes have been specifically designed to accurately identify and address data security risks to meet clients’ information security needs on an ongoing basis as part of their wider quality service provision.
Contact Bernard Hill on 0845 270 7747 for further information.