We are pleased to announce that our management system has been independently certified by DNV GL to operate in accordance with the Information Security Management System requirements of ISO 27001:2013. The scope covers all aspects of the Company’s electronic and paper-based data handling systems and their use by all employees in carrying out scientific and mathematical consultancy and software development.
ISO 27001:2013 specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system. It includes requirements for the assessment and treatment of information security risks tailored to the specific needs of the company, and for the establishment of appropriate business continuity management processes. Our motivation for obtaining ISO 27001 accreditation is to demonstrate our desire to protect the confidentiality, integrity and availability of information assets belonging to the Company and/or entrusted to it by its clients and suppliers against threats and errors, by ensuring all information is held and maintained in a secure and controlled environment and in compliance with all contractual and legal/regulatory requirements.
The Company’s management system is also accredited to the ISO 9001:2015 quality management standard. Both ISO certifications are capability assessed under the umbrella of the TickItplus scheme. In addition, we are accredited to the Cyber Essentials Standard, meeting the implementation profile BIS/14/696 covering Information and Communication Technology defences against commodity based cyber-attack.