Warwick achieve world-leading ISO 27001 Accreditation
Warwick International is proud to have achieved the leading global standard in information security, ensuring we offer our customers the very highest levels of data security.
The ISO 27001 standard from the British Standards Institution, underlines our commitment to safeguard our own and our customers’ content and data in the most secure manner achievable.
Benefits of the standard to our clients include:
- Ensuring we have a structured and measured policy and procedure governing our information security
- Guaranteeing that data is encrypted appropriately
- Classification and approved handling procedures for all information types
- Ongoing surveillance audits to ensure we are always compliant
- Robust Business Continuity plans ensure that business can continue if a disaster occurred
- Our whole business is accredited, not just a department or partner
- Assisting with speeding up the procurement process
- Certificate and policy to share with existing clients
- Validating Warwick as a secure and reputable company
At the core of the Standard is the implementation of an information security risk assessment process that assesses the business harm likely to result from a security failure and the realistic likelihood of such a failure occurring in the light of prevailing threats and vulnerabilities.
Consequently, Warwick is now better equipped to make information security decisions and investments that ensure appropriate protection of customers’ information.
Mike Barton, Managing Director of Warwick IC systems, said: “This shows Warwick can compete with the very best in the world in terms of data security and that our customers can deal with us with the utmost confidence. We are delighted to have been accredited with ISO 27001, it is an incredibly important accreditation in today’s world.”
“We are committed to being the market leader in providing the highest quality, most effective Occupational Health and Health & Safety management solutions and now we are a market leader in relation to our information security management system; protecting us, and protecting our customers.”
Warwick achieve Cyber Essentials Plus Accreditation
Warwick International is proud to have achieved the Government backed and industry supported Cyber Essentials Plus scheme, proving we protect ourselves and our customers from cyber-attacks.
Benefits of the scheme to our clients include:
- Practical validation of security measures and policies
- Boundary firewalls and internet gateways prevent unauthorised access
- Systems are configured in the most secure way
- Access Control is in place to ensure only those who should have access to systems do, and at the appropriate level
- Virus and malware protection is installed and up-to-date
- The latest supported version of applications is used and all necessary patches have been applied
The scheme is based on the Governments ’10 steps to Cyber Security’. It provides a clear statement of the basic controls all organisations should implement to mitigate the risk from common internet based threats. Through its Assurance Framework, the scheme offers a mechanism for us to demonstrate to our customers that we have taken these essential precautions.
Consequently, Warwick now has the reassurance that it’s approach to security meets and exceeds industry best practice and that the robust security policies and procedures adopted for the ISO 27001 accreditation are working in practice.
Martyn Lawson, Information Security Manager for Warwick IC Systems, said: “Being awarded the Cyber Essentials Plus certificate is the latest achievement on our security roadmap. It provides a practical validation of our security policies. It’s easy for companies to rely on the certificates of hosted data centres, but securing the Cyber Essentials Plus scheme also gives our clients the assurances that we as a business, as well as our internal systems, are secure and their data is safe in our possession.”
“High profile cyber-attacks are making the news far too regularly. We’re proud that none of our hosted customers have been affected by the recent attacks, and the award of Cyber Essentials Plus confirms why. Warwick International treat security with the upmost importance and we will continue to stay ahead of the curve in this fast moving world.”
General Data Protection Regulation 2018
“Warwick International have always recognised the importance of information security and the need to manage this as a fundamental aspect of our internal risk and governance framework”.
Our commitment to this cause propelled us on a journey that not only resulted in certification under the globally recognised ISO/IEC 27001:2013 standard, but that also brought about a cultural transformation across our business. Our overall aim has always been, and will continue to be, the integration of information security as a core consideration in each and every process we undertake.
With the introduction of the General Data Protection Regulation in May 2018, we wanted to take this opportunity to assure our customers of our ongoing commitment to information security and the steps we are taking to strengthen our governance controls, so that we can continue to meet and exceed our legal and customer requirements:
- Our policy framework forms a fundamental part of our information security management system as it sets out the principles we apply as a business to protect information. We will review existing principles and policies to ensure they are in line with the regulation’s requirements
- We understand the importance of transparency in data processing. Our fair processing notices will provide clear guidance to data subjects on how we will handle and process information as well as be a point of contact for any questions
- We recognise that third party suppliers are an area of risk for the business. Our supplier management program is a fundamental aspect of our control framework. All suppliers are assessed and, where applicable, audited on the basis of risk and controls and contractual provisions are applied accordingly
- We will continue to build upon existing processes to ensure any security incidents are identified and managed swiftly and in line with the regulation
- As part of our ongoing security roadmap, we will develop controls for meeting data subject access requests within the reduced timescales specified in the GDPR
If you handle information about people’s health and medical affairs, visit the ICO website for more information.