Becoming ISO Certified
By Cloud Direct • 09 Aug 2011
Cloud Direct was recently awarded International Organization for Standardization (ISO) certification: ISO 27001 for Information Security Management and ISO 20000 for IT Service Delivery Management. This required the company to design and implement processes which are externally audited in order to be regarded as compliant.
ISO is recognised as the global standard for ensuring best-practice business processes. The ISO 27001 certification is an endorsement of Cloud Direct’s commitment to ensuring the security of our customers’ data.
Complying with these standards ensures we not only consistently deliver a high quality of service, but continue to improve this service and the processes behind it. This responsibility is shared throughout the organisation, across sales, service, marketing and our management.
It also enables us to deliver a higher level of security. We are audited to verify that our approach to managing information, including that of our customers, partners and suppliers, ensures availability to authorised parties and protection against damage and interference. It means our employees must acknowledge, understand and implement the processes designed to maintain information security.
These standards have improved our levels of business continuity planning. We must identify and manage the increasing level of threats, vulnerabilities and risks that may impact the business to ensure availability of service and support functions.
What have we done?
The main change within the organisation is the implementation of the Plan, Do, Check and Act (PDCA) Cycle, which has driven the continual improvement of service and security processes. We have also sought to adopt industry best practices in IT service and security to help guide our business processes.
We have documented business processes, creating a more controlled and standardised means of working, with more rigorous and frequent monitoring, reporting and analysis of our operational performance.
We have adopted a risk-based approach to designing and implementing processes that maintain the confidentiality, integrity and availability of information. We have built a more robust physical and IT infrastructure, as well as improved the technical development and training amongst our service team.
We have also designed, implemented and tested a business continuity plan that incorporates a regular risk analysis to ensure that we are fully concentrated on managing and mitigating business risks. This means that we are able to continue operating in all but a complete and catastrophic loss of infrastructure.
What does this mean for our customers?
These processes, whilst designed to be seamless, can only help to improve our customers' experience of our service. Our customers will hopefully find that we are able to be more efficient and more effective in our customer service case handling.
The ISO 27001 standard will also ensure that we continue to handle our customers' information in a secure and correct manner, every time.
Overall, it will look to build upon our existing service achievements, and ensure we have tangible plans and processes in place as part of our continual improvement of customer service.