Information Security and ISO 27001
There is an increasing need for businesses to be able to demonstrate that the information they hold for their own business purposes is secure. More importantly, information that they manipulate in the course of work for their clients and customers must be sufficiently secure to avoid breach of contract or damage to goodwill.
Cyber Essentials is a government-backed, industry-supported scheme to help organisations protect themselves against common cyber attacks. Achieving Cyber Essentials can be a cost-effective way of demonstrating that a company has met a recognised level of controls around information technology, and it is increasingly being demanded as a minimum requirement for Government contracts.
How we can help:
Penarth Management Limited has been involved in assisting clients to achieve satisfactory certification to ISO27001, and its predecessor BS7799, for several years and has worked in the following sectors:
The need for secure information stretches far beyond complying with the Data Protection legislation: examples include intellectual property, copyright material, credit card data, and the legal admissibility of electronic records when extracted for adjudication in the Courts. In cattle breeding and crop development, records are particularly valuable assets.
Our team includes specialists with qualifications and past experience as assessors of ISO27001, so we can provide guidance that is sufficient for satisfactory certification without creating a system that is too complex.
What is GDPR?
GDPR aims to harmonise data protection laws across the EU and provide stronger rights for individuals that reflect the monumental increase in the use of technology and data in business and personal lives. To meet the new standards required, all businesses need to have in place comprehensive but proportionate measures to minimise the risk of breaches and uphold the protection of personal data.
Why does it matter?
The importance of organisations taking GDPR seriously is reflected in the potential increase in fines, which rise from a maximum of £500,000 under the current Data Protection Act to the new higher amount of EUR20,000,000 or 4% of annual worldwide group turnover.
As specialists in compliance, we were delighted to be invited to join the GDPR Alliance, which provides one avenue for clients to find a solution to all their requirements relating to GDPR.