by Simon Woodhead
Following back-to-back audits, I’m delighted to report that Simwood has been certified to two ISO standards!
Firstly, ISO 9001:2015 is the international standard for Quality Management Systems. ISO 9001:2015 “helps ensure that customers get consistent, good quality products and services”. Fundamentally it is about having processes and culture centred around the customer which encourage continuous improvement – these are defined in seven principles. You can read more on the International Organization for Standardization website.
Secondly, ISO/IEC 27001:2013 is the standard for Information Security Management Systems (ISMS), described as “a systematic approach to managing sensitive company information so that it remains secure. It includes people, processes and IT systems by applying a risk management process.” Implementing it involves 114 specific security measures, in 14 sections, and an ongoing three-stage audit process. There’s much more to read about the ISO/IEC 27001:2013 standard itself on the ISO website.
These are important achievements for us and represent lots of work in the background by Grahame, Frazer, Mandi, and Alex over the last year or more. I’m very proud of what they’ve achieved although one consequence is we now have to have “meetings” and other such grown-up things. The really important point though, is that neither standard is an absolute that one can pass and forget about. They represent a necessary and very helpful cultural change and we’re really just at the start of that. I fully welcome it, even if it does mean more meetings!