ISO 27001 Re-certification Audit

On the 8th of March 2024, we were pleased to welcome Ben Frisby from Atlas for our annual ISO 27001 re-certification audit, which was conducted online. Representing Axia Digital during this process were Managing Director Richard Etheridge, Development Team Leader Dawid Hetmanczyk, and Business Support Officer Thomas Duke.

We received our audit report just a few days later and are proud to share the results: 30 positive observations and zero rectifications required. This excellent outcome confirms our continued commitment to robust information security practices and maintaining the highest standards set by ISO 27001.

Our certificate can be viewed here.

Successful Observation Areas

Core

The audit highlighted strong performance in the core areas of planning, risk management and operations. Our approach to identifying and addressing potential risks continues to be proactive and well-documented, ensuring that our systems and processes remain secure and resilient. Operationally, we’ve maintained consistent procedures that support the secure delivery of our services, helping us meet both internal objectives and customer expectations with confidence.

Support

In the support category, we received positive feedback for our practices in leadership, training and competence, monitoring and measurement, and document management. This reflects our focus on building a well-informed and capable team, supported by clearly defined documentation and effective oversight. These processes ensure that all staff understand their responsibilities, stay up to date with relevant policies, and contribute actively to our culture of continuous improvement.

Management

Our Information Security Management System (ISMS) was found to be robust, with no gaps across key areas such as policy implementation, corrective actions, internal auditing, and management review. The audit recognised that we not only maintain comprehensive policies, but also regularly assess and enhance them through structured audits and reviews. This reflects our commitment to not just maintaining compliance, but actively evolving our practices to meet changing security challenges.

Statement of Applicability

This section of the audit covered 23 control areas – all of which were successfully met. These included controls around access and asset management, cryptography, system development, and supplier relationships, as well as key operational areas such as physical security, communications, and incident response. Our ability to meet these requirements demonstrates that our security controls are deeply embedded across all parts of the organisation, supporting business continuity and compliance at every level.

Other Certifications and Awards

From international standards to industry recognition, we’re proud of the benchmarks we continue to meet. To learn more about our other certifications and awards, visit our Accreditations page.