WORKBOOKS IS ISO 27001 CERTIFIED
What is ISO 27001?
ISO 27001 is the international standard that lays out specifications for an ISMS (information security management system). The Standard is designed to help organisations manage their information security processes in line with international best practice while optimising costs. It is technology and vendor neutral and is applicable to all organisations – irrespective of their size, type or nature.
ISO 27001 is one of the most popular information security standards in the world. Organisations that meet the requirements may be certified by an accredited certification body following the successful completion of an audit.
What does ISO 27001 certified mean?
It demonstrates that we have defined and put in place best-practice information security processes. ISO 27001 is the only auditable international standard that defines the requirements of an information security management system (ISMS) – a set of policies, procedures, processes and systems that manage information risks, such as cyber attacks, hacks, data leaks or theft. Our Information Security policy is available here. Our compliance FAQ provides answers to most questions you may have.
ISO 27001 dictates the way we look after and manage confidential and sensitive data. It shows how seriously we take the protection of not only your information but also all of your customers' information.
ISO 27001 & GDPR
By implementing ISO 27001 we are ensuring that we have minimised the risk of a data breach, with GDPR specifically stating “that personal data should be protected against accidental loss or damage.”
An ISMS that conforms to ISO 27001 meets all requirements of Article 32 of GDPR by encrypting all personal data, restoring availability of personal data after a technical incident and so on.