What is ISO 27001?
ISO 27001 is an internationally recognised standard for the management of information security.
The International Organization for Standardization is the independent organisation responsible for creating a range of globally recognised standards, including ISO 27001.
What ISO 27001 means for our customers
As an ISO 27001 certified web development company, we have robust policies and procedures in place to ensure that security best practice is ingrained in everything we do. Our clients gain reassurance that their data is in safe hands and that security is of the utmost importance in the applications we develop.
Part of the ISO 27001 standard is to continually improve the information security management system (ISMS), which means that as a company we are always looking at ways to improve our security baseline.
Our ISO 27001 certification is valid for three years; however, we are subject to an annual audit carried out by an external certification body. This ensures that we continue to adhere to the standard that we have been certified for.
Our ISO 27001 certification
OWA Digital Ltd. has achieved UKAS-accredited ISO 27001 certification, providing reassurance to our clients that we are being held to the highest standard when it comes to information security.
You can check the validity of our certificate by using Approachable Certification’s online validation tool and entering certificate number 11899.
Approachable Certification are a UKAS-accredited certification body who undertook our certification process.
Accredited vs non-accredited ISO 27001 certification
OWA has achieved UKAS-accredited ISO 27001 certification.
Organisations that choose to adopt the ISO 27001 standard can decide whether or not to gain certification. It may be beneficial for a company to adopt the ISO 27001 standard to improve security best practice, but not necessarily beneficial to take the additional step of gaining certification.
Organisations wishing to achieve certification have the option of either accredited or non-accredited certification. Whether a certification is accredited depends on whether the certification body performing it is itself accredited.
Certification bodies that have been accredited have been formally recognised by an accreditation body as operating in accordance with international standards. You can also use the International Accreditation Forum’s certification body search tool to find accredited certification bodies. The accreditation body for the United Kingdom is UKAS (United Kingdom Accreditation Service).
By choosing an accredited ISO 27001 certified supplier, you have the reassurance that the body that carried out the certification has independent confirmation of its competence. This isn’t to say that non-accredited certification bodies are not reputable, but as an organisation that has been through the certification process, there seems to us to be little argument for opting for non-accredited certification.