Maintaining ISO Certification
Axia Digital celebrates the success of ISO 27001 and ISO 9001 in early February 2023. QMS International conducted the audit using Microsoft Teams, completing it in nearly two days. The process involved an intense series of meetings, where policies and processes were assessed against the Standard. The auditor reported that our internal audit process documentation and planning procedures were good. He added that it demonstrated the commitment and processes which the company had put in place to maintain certification.
On hearing the news, Chris Peat, Chair of the company’s Board of Directors, said:
“I remember how hard this was to achieve in the first place and to maintain. The fact that you have sailed through this assessment reflects all your hard work to ensure that the ISO principles are followed in all that we do and that everything now is fully documented.
I also know that it is now a standard requirement of all tenders that we have these accreditations and therefore continuing to be fully accredited is a significant contribution to maintaining our current position and our future growth.”
Managing Director Richard Etheridge added:
“It certainly didn’t feel like sailing, however, we were able to demonstrate processes and policies where required. There were a few minor non-conformities identified but our audit processes had already picked them up, they were documented in our logs and work was already in progress to address them. It demonstrated to the team and the auditor that the internal audit process we’ve implemented works and all our hard work over the last year has paid off. As Chris says, ISO certification is increasingly vital in bidding and tendering for business, so we’re delighted to have secured ISO27001 and ISO9001 in February 2023.
A big thank you is due to Dawid and Max, our senior developers. As always with this type of experience, we’ve all learnt something new. We will certainly strive to improve our internal processes further and we’re looking forward to the next Audit in 2024.”
Details About ISO 27001 and 9001
ISO 27001:2013 Certification – Information Security Management
Most organizations have a variety of information security controls in place. However, in the absence of an information security management system (ISMS), these controls often lack organization and cohesion. They are typically implemented as point solutions for specific situations or as conventional practices.
ISO/IEC 27001 requires that management:
- Systematically examine the organization’s information security risks, taking account of the threats, vulnerabilities, and impacts;
- Design and implement a coherent and comprehensive suite of information security controls and/or other forms of risk treatment (such as risk avoidance or risk transfer) to address those risks that are deemed unacceptable; and
- Adopt an overarching management process to ensure that the information security controls continue to meet the organization’s information security needs on an ongoing basis.
ISO 9001:2015 Certification – Quality Management
The ISO 9000 family is a set of five quality management systems (QMS) standards that help organizations ensure they meet customer and other stakeholder needs within statutory and regulatory requirements related to a product or service. ISO 9000 deals with the fundamentals of QMS, including the seven quality management principles that underlie the family of standards. ISO 9001 deals with the requirements that organizations wishing to meet the standard must fulfil.
Contents of ISO 9001:2015 are as follows:
- Section 1: Scope
- Section 2: Normative references
- Section 3: Terms and definitions
- Section 4: Context of the organization
- Section 5: Leadership
- Section 6: Planning
- Section 7: Support
- Section 8: Operation
- Section 9: Performance evaluation
- Section 10: Continual Improvement