Yours truly just got ISO 27001 and ISO 9001 certified … that’s right, not once but twice. Atlantbh officially passed all the tests and jumped through all the right hoops to receive ISO 27001 and ISO 9001 certification.
What is all the hubbub about?
First of all, the International Organization for Standardization (ISO) is basically the Harvard of international standards – so we’re Ivy League grads! Second of all, it’s a pretty intense process.
Understanding ISO 27001 and ISO 9001
The ISO 27001 standard is one of the most prestigious standards for the security of enterprise software. ISO 27001 specifies the requirements and processes that enable a business to establish, implement, review and monitor, manage and maintain effective information security. Basically, it ensures that we are serious about the security, confidentiality and reliability of our information and that of our clients.
ISO 9001 is the international standard that specifies requirements for a quality management system (QMS). This standard means you are able to consistently provide products and services that meet customer and regulatory requirements – basically, you offer high-quality service.
How do you get certified?
For ISO 27001 you need to set up an Information Security Management System (ISMS) and make sure all your technical controls, security practices and processes are in place and aligned with the ISO standards – how you collect information, how you store it, how you access it, how you use it … you get the idea. It basically ensures that your security is top notch.
For ISO 9001, you set up a QMS which defines quality management principles that affect your work and processes. These include ensuring that you have a strong customer focus, that the motivation and involvement of top management are aligned with ISO standards, and that you consistently strive towards continual improvement.
You then go through an extensive audit, where an independent auditing firm validates your ISMS and QMS by combing through everything. Twice.
How did it go?
We won’t lie, ISO 27001 and ISO 9001 certification isn’t always easy, but most of our processes were already aligned with these ISO standards. That was especially true for ISO 27001, because we have always put security at the heart of everything we do, and we continue to do so.
As always, we make things look easy.