Note: We can of course provide support in other areas such as environmental Management and Health & Safety Management.
Firstly, may we take this opportunity to make you aware that the revised ISO9001 standard has been published as of September 2015. Our staff are already familiar with the requirements of the 2015 version of this standard and have started to deliver awareness and training to organisations anticipating implementation (or transition from the earlier version of the standard to the new one).
ISO9001 is a management system aimed at delivering, for your organisation, customer satisfaction in regard of your products and services. In essence, this standard provides a framework upon which your organisation can develop and implement an effective system of good business management. This standard also forms the core of most ISO standards – but my also be implemented as a solo management system (to which others may be added at a later time).
With regard to ISO9001 in general. Our team has implemented a range of management systems and have the additional benefit of having been international assessors of ISO9001 for a UKAS accredited Certification Body. We will develop an appropriate set of documentation for your business and train you and your staff on how to operate and maintain the system once implemented. It is also our aim to leave you with an effective management system which you and your staff may operate and maintain on your own – though, of course, you are free to engage us to do this for you should you wish.
This standard is one that we specialise in. As indicated above at its core are the principles of ISO9001 so we are really talking about the additional bits here – of which there are quite a few. These extras of ISO27001:2013 are considered by many to be complex, confusing, and thus present as difficult. Information security should not, and is not, unusually difficult. You may find that you are doing many appropriate things already – we help you identify these and reverse engineer these in the the developed management system.
For many the most difficult part is the Risk Assessment – it is if you cannot, or do not have the time or resources, to get your head wrapped around it Firstly, approaching it as a variation on a plain old Health & Safety Risk Assessment is not what is needed. There are a range of commonly accepted approaches to information security risk assessment. As is our way, our team will help you not only develop and implement the risk assessment; we will also aim to leave you feeling confident enough to continue maintaining it on your own (if that would be your wish).
As there is so many to help and so little time our aim is never to build reliance on our services into your management system, or business processes. We believe that while on-going work is nice – being there because you are honestly needed. or wanted, is far better.