May 7, 2009
The tools and procedures required for ISO/IEC 27001 compliance have actually been implemented for years at QA Assistant to reduce operational risk, increase business efficiency, and ensure information and system security.
Engineering quality into our business and intuitive software products is something which has been prioritized and ingrained in our culture since our first line of code was ever typed. We have documented controls in place which are strictly adhered to for every aspect of our business -- from supplier assessments to development and testing procedures. We also use FMEA risk analysis at an application, system, and corporate level. And our software must pass a fully documented 100% functionality test prior to release!
What is ISO/IEC 27001?
ISO/IEC 27001 is an internationally recognized standard which provides strict guidelines for establishing and maintaining an effective Information Security Management System (ISMS) within an organisation -- ensuring "that an organisation's information is secure and properly managed." [1]
What does this mean for our customers?
Our customers may take comfort in knowing our system is completely documented and tested to the highest standard -- required of most government contracts. Compliance with the specification ensures our Security Policy, Organisational Security, Asset Management, Human Resource Policy, Physical and Environmental Security, Communications and Operations Management, Access Control, Information Systems, Incident Management, and Business Continuity plans explicitly state our high expectations and requirements for protecting our customers, data, information, and systems.
Would you like more information on this standard?
More information on the standard may be found on the ISO website: http://www.iso.org/
[1] British Department for Business Enterprise & Regulatory Reform website