We’re delighted to announce that TipTop Media has achieved ISO 27001 accreditation!
As an organisation that stores, converts and destroys sensitive documents, we decided that ISO 27001 was an essential accreditation for our business. This particular ISO sets the standard internationally when it comes to information security management systems, and verifies for our current and potential clients that TipTop Media follows information security best practices.
So now we’ve explained just what ISO 27001 is (actually the full name is ISO/IEC 27001:2013 but let’s go with the shortened version!) just what does it mean for our clients? First of all, ISO27001 aids businesses with creating a framework to comply with a number of key regulations, such as The Telecommunications Regulations Act 1998, The Data Protection Act 1998, The Computer Misuse Act 1990 and many more. Each ISO accreditation is specific to the organisation seeking it, which means that no two processes are the same, and also ensures that each business works through the process uniquely, so there are no shortcuts. There is however a general pattern that businesses seeking accreditation follow; key points in this include undertaking a gap analysis to see where your business falls short, developing management system documentation to include relevant policies and procedures, performance evaluation, and preparation for the certification audit. There is, of course, a lot more to do which you can read about here!
We decided to undergo ISO 27001 accreditation because of the many benefits to our clients and our business. To our clients, this is a clear demonstration that we are safeguarding their valuable data and information property. With security breaches hitting the headlines on a regular basis, there has never been a better time to evaluate your information security system and ensure that you are complying with business, legal, contractual and regulatory requirements. Doing this ensures that employees are aware of potential risks and security controls become an everyday task which helps to build internal and external trust in the business.
Once a business has achieved accreditation, it is still required to constantly evaluate and improve their processes, so clients can rest assured that the work put in during the process continues after accreditation.
We’re really proud of our achievement, and are looking forward to continuing the work!