Service Delivery Manager,
Earlier this year, we were delighted to secure ISO 9001 accreditation in recognition of our commitment to quality management systems, but we knew that this was just the start of our ISO journey. As a rapidly growing business with an increasingly high-profile portfolio of customer projects, we need to ensure we’re not just meeting, but exceeding the expectations of those customers and delivering projects for them within a framework of market-leading systems and management.
Here Kirsty Thompson, our Service Delivery Manager and ISO guru, explains the next step that we’ve taken on that journey – ISO 27001 accreditation which we’re delighted to have secured with effect from December 1st 2020.
It’s almost unimaginable that it was only earlier this year we announced that we’d secured our ISO 9001 accreditation. This year has been anything but ‘normal’ and the speed with which Consenna has grown means the business we are now is significantly different to the one we were at the start of the year.
Our focus, however, is not solely on exceeding expectations in the projects that we deliver, but also in respect of the framework and culture in which we’re operating as a team. ISO 9001 was a natural first step for us to take as it allowed us to think holistically and systematically about our processes and how they relate to one another and whilst that’s a great achievement to have secured, we knew that more would not only be needed but, in fact, demanded by our customers.
And so began our journey to ISO 27001 accreditation focused on the management of information security.
Whilst there were some overlaps with ISO9001, 27001 was a far more in-depth process requiring many more deliverables. I actually spent an entire week with a specialist consultancy to work through the statement of applicability which outlined the framework of ISO27001.
But this isn’t simply a box-ticking exercise. Naturally, we’ve had to evidence our compliance with relevant laws and regulations and with the accreditation secured, we can now demonstrate our credibility and trust to customers when it comes our handling of their information.
Above and beyond that, however, it has proven vital for this to be truly embedded in to the everyday working ethos of the entire team. ISO should not be an additional task that we are asking our employees to undertake, it should be part of everyday tasks and responsibilities. To support that sentiment, we have formed an internal ISO committee and I for one feel certain that having this in place will equip us for future growth and success.
And will we pursue further quality accreditations? For the time being, our focus must be on ensuring that what we’ve worked hard to be recognised for is truly embedded in everything that we do and that our customers benefit from this. Once we’re confident that this is the case then I don’t doubt we’ll start considering further accreditation options.