Newcastle Strategic Solutions has received accredited certification from British Standards Institution (BSI) to ISO/IEC 27001:2013 (ISO27001), the international standard for an Information Security Management System (ISMS), covering process, personnel, physical and technical security. Achieving this status certifies that we are following information security best practice and have taken the necessary steps to help protect our clients' data against cyber and security threats.
As new data requirements are introduced, regulatory compliance is critical. Our approach for keeping information safe complies with regulatory requirements such as the General Data Protection Regulation (GDPR). The ISMS framework puts in place a systematic approach to managing sensitive information, ensuring it remains both secure and available. Implementing the internationally recognised information security standard is the most effective way of reducing the risk of suffering a data breach, as a result offering us more protection against a potential attack.
Phil Grand, Managing Director of Newcastle strategic Solutions said "Information security is a priority for Newcastle Strategic Solutions; we have strong security practices embedded within our organisation to protect our clients. This certification from BSI highlights our high security standards and ensures processes are in place for cyber resilience."
Following a 12 month project involving resource group-wide, certification audits were concluded over two stages, spanning four months. Risks were assessed, analysed and evaluated against a set of predetermined criteria which covered well over 100 separate controls. Auditors assessed whether our internal ISMS is functioning properly and provides the level of security needed to protect the information we hold. Newcastle Strategic Solutions are committed to the ongoing assessment of our ISMS approach, with another audit already scheduled towards the end of 2018 as part of ongoing maintenance and surveillance of our adherence to the standard.