Our journey to ISO27001 Accreditation
After researching what we needed to do, we assembled a crack team of Laura Clarke, DPO; Ryan Finlayson, IT Manager; and Jon Minns, our Tech Director, to advise from a board level. The team’s unwavering dedication to safeguarding sensitive data and ensuring operational excellence was definitely tested over the next few months.
Along the way, we gained a deeper knowledge of risk management and information security. With our roadmap in place, the team were allocated control processes and understood their role in helping achieve accreditation.
Laura, appointed as the Data Protection Officer (DPO), played a pivotal role in overseeing data privacy and compliance throughout the journey. Her comprehensive understanding of data protection laws and regulations ensured that the processes being put in place adhered to the standards required for accreditation. Her proactive approach to identifying potential risks and implementing appropriate controls instilled confidence among both internal teams and external stakeholders.
Ryan, our in-house IT manager, looked after the IT side of the accreditation. His unwavering dedication to fortifying the company’s digital infrastructure against possible threats was on another level. Ryan implemented robust cybersecurity measures, including encryption protocols, firewall configurations, and access controls to mitigate the risk of data breaches. His proactive stance towards identifying vulnerabilities and implementing corrective measures was crucial in securing sensitive information across all digital platforms.
Providing strategic guidance and oversight from the board level was Jon, our Technical Director, serving in the new role of Chief Information Security Officer (CISO). He ensured that we remained steadfast in our commitment to information security excellence. Given his extensive experience in cybersecurity & IT management, Ryan, for one, found it good to have him on the team.
By October, we were in a position to go for our Pre Certification audit. Fortunately, through the year, Paul and the team had built a relationship with the ISMS auditor, with weekly check-ins and lots of ‘How’ & ‘Do we need to’ type questions being top of the list in the calls. But that didn’t get us an easy audit; quite the opposite!
We successfully navigated the Stage 1 & 2 Pre Certification audits and the external Stage 1 & 2 accreditation audits. It was a rigorous process of ISO27001 accreditation that culminated on 30 November 2023 when the ‘You did it’ email dropped in my inbox!
The benefits of ISO27001 accreditation extend beyond mere compliance, offering tangible advantages such as improved risk management, enhanced client trust, and increased operational efficiency. By aligning its practices with internationally recognised standards,
Looking ahead, we remain committed to upholding the principles of ISO27001, continually refining processes and technologies to stay ahead of emerging threats. There’s a 3-year audit programme, with the first part only a month away!
In conclusion, our journey towards ISO27001 accreditation shows Premier’s unwavering dedication to information security excellence. Through the collective efforts of me, Laura, Ryan, and Jon, the company has not only achieved compliance but also strengthened its position as a leader in the events industry.
As the digital landscape continues to evolve, our clients can be confident in our commitment to safeguarding sensitive data and upholding the highest standards of integrity and professionalism. The accreditation validates our dedication to information security and enhances our credibility and competitiveness in the global market as one of the few UK-based event companies with ISO27001 accreditation.