Did you know that in the last 12 months, 39% of UK businesses identified a cyber-attack (Ref: UK Gov) and 45% of US companies suffered a data breach (Ref: Thales Data Threat Report)?
Statistics like these are why Vpod undertook our ISO27001:2013 accreditation, and why this year, as part of our annual assessment, we transitioned to and were successfully accredited with the brand-new 2022 standard.
In the 10 years since the last iteration was published in 2013, technology has continued to grow and change significantly, and so have the systems we use. This new 2022 standard was created to address the growing challenge of global cybersecurity and to improve digital trust.
What is the ISO?
Firstly, ISO as an entity is the “International Organization of Standardisation” – the name isn’t actually an acronym but comes from the Greek ísos, meaning equal or equivalent, for the sake of having the same name in all languages.
ISO “brings together experts to share knowledge and develop voluntary, consensus-based, market relevant International Standards that support innovation and provide solutions to global challenges” (ref: ISO).
ISO accreditation is thus an international standard that essentially provides a structured and robust framework for managing information security risks, implementing security controls, and addressing security threats and vulnerabilities.
What is ISO27001:2022?
ISO27001 is one of the many standards that the ISO publishes; specifically, it is the world’s best-known standard for information security management systems (ISMS), and the 2022 version is the latest revision. Being ISO/IEC 27001 certified means that Vpod Smart Solutions has put in place a system to manage risks related to the security of data owned or handled by the company, and that this system respects all the best practices and principles presented in the 2022 version of the ISO standard.
Key elements include:
- Risk Management: Ensuring risks are identified, assessed and managed.
- Controls: From the risk assessment, the organisation chooses which aspects it needs to control across the organisation, people, the physical and the technological, whether it be access control, asset management, clear desk, cryptography, configuration management, data retention, HR security, information handling, remote working, supplier relationships, physical security, or secure development.
- Continuous Improvement: ISO 27001 promotes a cycle of continuous improvement through regular reviews, audits, and updates to ensure that the organisation’s information security practices remain effective and up to date.
- Legal and Regulatory Compliance: The standard helps organisations address legal and regulatory requirements related to information security, privacy, and data protection.
- Third-Party Relationships: ISO 27001 encourages organisations to consider the information security risks associated with their third-party relationships, such as suppliers, vendors, and partners.
- Cultural and Organisational Context: The standard highlights the importance of considering the organisation’s culture, business environment, and information security objectives when implementing the Information Security Management System.
Simone Fenton-Jarvis, who led our transition, said:
“We’re thrilled to announce this news! This achievement underscores our unwavering commitment to safeguarding sensitive information and upholding the highest standards of information security. A huge congratulations to our dedicated team whose hard work and diligence made this possible. Together, we continue to reinforce our foundation of trust and reliability in an ever-evolving digital landscape for the benefit of all our customers.”
Vpod is dedicated to providing the best and most convenient solutions to our clients, which includes keeping the highest standard of digital security. With this new accreditation, our goal is to maintain our service quality and continue to improve to accommodate our clients in the best possible way.