Certification International – a leader in the assessment and certification of international, national and industry standards – has received accreditation from UKAS for the revised ISO 27001:2013 standard.
ISO 27001:2013 specifies the requirements for establishing, implementing, maintaining and improving an information security management system (ISMS).
There are now more than 17,000 registrations worldwide and revisions to the standard have taken into account the practical experience of organisations using it. The changes were influenced by the ISO requirement that all new and revised management system standards must conform to the high level structure and identical core text defined in Annex SL to Part 1 of the ISO/IEC Directives and a decision to align the standard with the principles of ISO 31000 (risk management).
Revisions to the standard have placed greater emphasis on setting objectives, monitoring performance and metrics and a requirement for management commitment requirements to focus on leadership.
An important standard for all companies
Speaking about this latest development, Certification International’s managing director John Pymer said: “Receiving accreditation for the latest information security management system ensures we provide clients with a high quality service. Assessing companies to the latest standards not only benefits our clients but also plays a key role in our business strategy. By placing Certification International as a leader in the certification industry it will help us grow, not only in the UK but on a global scale.”
Pymer added: “ISO 27001:2013 is an important standard for all companies, whatever their size or sector. It’s vital for companies to underline their responsible practices through the achievement of such a well-recognised standard. Certification International’s experience means we can partner with companies looking to implement operations which allow them to integrate the latest information security management systems into their business.”
Certification International will be working closely with all clients to ensure they’re assessed against the new requirements at their next scheduled visit to achieve transition by the deadline of 1 October 2015.
Certification International’s UK business manager Emma Fawcett-Jones commented: “Clients who are already certified to ISO 27001:2005 will have to transition to the new standard before July 2015. There are two ways to achieve this. The first is to prepare themselves and make sure they’re ready for the transition review at the next surveillance or reassessment audit that’s due in their schedule before the transition date. Clients who choose this option will have to complete a transition review checklist and provide it before the audit date for the auditor to review. The second option is to undergo a separate transition review audit.”
Fawcett-Jones also stated: “In order to help clients through the transition we’ve published guidance and a checklist to send to all of our clients who have achieved the outgoing standard so that they have sufficient time to prepare themselves for the change.”
UKAS accredited bodies are assessed against internationally recognised standards to demonstrate their competence, impartiality and performance capability.
Part of the SOCOTEC Group, Certification International is a global organisation offering assessment, analysis and certification to a variety of clients across a range of standards.
For more information visit: http://www.cert-int.com