Freethought gains ISO 9001 and 27001 certification

Written by Kieran Jones

Freethought is thrilled to announce that we are now certified to ISO 9001 and ISO 27001 standards for quality management and information security.

ISO certification badges

This doesn’t mean that anything has changed or is necessarily going to change. However, the amazing customer care, quality of service and high level of security that we’ve always provided have now been formalised, thoroughly assessed by external auditors, and certified against two rigorous, internationally recognised standards.

What is ISO 9001?

ISO 9001 is an internationally recognised standard for quality management systems, against which our company processes and procedures have been measured by an external auditor. The standard is focussed on ensuring customer satisfaction through a process of continuous improvement. In order to become certified, we have implemented and formalised many of the processes we already had relating to customer service and support.

In a day-to-day practical sense, this means that we will now record and measure our performance based on customer feedback, complaints we receive, and support tickets where we’ve identified something we can do better. For example, if during a support ticket we identify something that could have been better and would prevent the issue occurring again, we will record this and then take action to improve it. Prior to certification this was a far more informal process, although we would no doubt still have made improvements.

What is ISO 27001?

ISO 27001 is an international standard for information security management systems (ISMS). An ISMS is essentially a framework of policies and procedures that an organisation has relating to the legal, physical, and technical controls involved in ensuring information security. In real terms, “information security” refers to the means by which we keep our network, infrastructure, and our customers’ data secure.

As part of the certification process we have simply formalised and documented the existing controls we had in place for information security. Anyone who has been a customer of Freethought for any time will already know how seriously we take security. Gaining this internationally recognised ISO 27001 certification demonstrates just how seriously we take it.

Day to day, this certification means that as part of our ISMS we now take a risk-based approach to information security. We have a programme of continuous monitoring and improvement (combined with ISO 9001), and whenever an information security risk is identified, or an opportunity for that matter, it is thoroughly assessed and controls are then put in place to mitigate that risk or act upon the identified opportunity. The standard is extensive and covers every part of our company, from our password policy, to the mobile phones we use, to cryptography controls, all the way to the types of locks we put on our doors. With this risk-based approach to our ISMS, we consider all the implications of the decisions we make within the wider context of information security.

What does it mean for me?

Having gained ISO certification does not really change anything for our customers. What it does mean, though, is that you can take comfort in knowing that, as well as seeing the incredible reviews our customers give us, an objective third party has looked at every part of our business, measured it against an internationally respected standard, and found that we meet those standards. A big tick in the box, so to speak!

What it does mean for us going forward is that organisations, especially larger or public sector organisations, can be assured that we have the processes in place to maintain quality and security. This will help us secure new business where perhaps we were unable to before, owing to lacking that certification.