ISO 27001:2013 is a specification for an Information Security Management System (ISMS) and was published on September 25th 2013. It replaces the former ISO/IEC 27001:2005 standard. An ISMS is a framework of policies and procedures used to manage sensitive company information to make sure that it remains secure. A risk management process is applied to include people, processes and IT systems.
What does ISO 27001:2013 mean for our customers?
Our processes have been independently audited and shown to be secure and operating to the highest standards. Being ISO 27001:2013 certified gives a quality assurance that sensitive information such as customer data, logins, network traffic, storage and backups are managed in a secure manner.
To achieve certification, our processes and control systems have been assessed by an independent certification body who confirmed that we are operating in alignment with the ISO 27001:2013 certification standard.
Who is the independent certification body?
Extraordinary is ISO 27001:2013 certified by United Registrar of Systems Certification (URS Certification). URS is trusted by more than 40,000 companies across 32 countries. URS is well trusted within the IT security sector and the preferred independent certification body of companies such as Dell Computing and Siemens.
URS is accredited by the internationally recognised United Kingdom Accreditation Service (UKAS).
What is UKAS?
The United Kingdom Accreditation Service (UKAS) is the only national accreditation body recognised by the UK government to evaluate organisations offering assessment services such as certification.
Accreditation by UKAS helps customers make an informed choice when selecting an independent certification body. It shows that the auditing company meets the requirements of international accreditation standards. Customers are ensured that the competence, impartiality and performance capability of the auditor have been assessed and confirmed.