The Outsource Group– is a leading IT Security and Managed Service group founded in 2000. Outsource’s vision is to be the ‘go to’ managed services group for customers with IT, Cloud, and Telecoms requirements all underpinned by the most robust security protocols and technologies available in the market today. Not only does Outsource focus on the security of clients but also places a strong focus on its own internal security and as such commissioned Quadra to assist with the implementation of ISO 27001, the international standard for information security, and sets out the specification for an information security management system (ISMS).
The information security standard’s best-practice approach helps organisations manage their information security by standardising operational processes throughout the business and setting a pathway for continuous improvement internally. With the knowledge of the massive benefits that ISO 27001 certification would give Outsource’s clients assurance that their data security was being taken seriously and all security controls were being independently audited and verified, it also benefits the business by helping to reduce information security costs and demonstrating a commitment to data security and provides a valuable credential when tendering for new business.
With Quadra’s unrivaled experience in developing and maintaining information security management systems aligned with ISO 27001 requirements, we were selected to assist and collaborate with Outsource’s team to achieve certification.
To begin the process Quadra met with Outsource to understand the business unit operations, gather information, and access the existing information security processes against the requirements of ISO27001. A risk treatment plan was conducted after this review to identify key information assets and potential threats and vulnerabilities identified through the risk assessment process.
Quadra created a Statement of Applicability dealing with the controls and deemed to be applicable in line with ISO 27001, develop information security development of an information security policy and procedures, and implement the information security management system to the requirements of ISO 27001. Following guidance on an implementation period, Quadra carried out a full internal audit of the system to assess and ensure readiness for certification and facilitated a review in assessing the system prior to external audit.
Following the two stages of external audit, Outsource was recommended for ISO27001 certification. This achievement was of huge importance to all involved in standardising information security management processes throughout their innovative business, at an internationally recognised level.
“Whilst we already secured a number of security-focused external certifications, we recognised the value and rigor in progressing to ISO27001 certification and after considering a number of options opted to use Quadra to support us on this journey. From the initial engagement, Quadra staff were proactive and supportive and remained so throughout the process, resulting in a straightforward and pain-free route to certification” – Eamonn Bunting. Outsource Group.