News


Restore Digital audited by British Standards Institute (BSI) and achieves re-certification of ISO27001

Restore Digital is certified in ISO27001:2013 and as part of efforts to support the sustainability and growth of the business, we have been working tirelessly towards the most recent certification in Information Security Management.

Transitioned to 2022 standard

We are proud to announce we recently completed a transition assessment against the new version ISO27001:2022. The quality assurance team at Restore Digital are dedicated to improving capabilities to protect the business and its reputation, and our people. 


What’s changed between ISO27001:2013 and ISO27001:2022?


The ISO 27001 standard, which deals with information security management systems (ISMS), was revised in 2013 and updated in 2022. 

The transition to ISO27001:2022 involved aligning our existing Information Security Management System (ISMS) with the updated requirements of the new standard. The key changes concerned the security controls: 11 are new and 58 were revised. Additionally, 56 controls were merged into 24, resulting in a reduced total of 93 controls grouped into four themes: People, Organisational, Technological, and Physical.

British Standards Institute (BSI), who are UKAS accredited, conducted a transition readiness review followed by a formal assessment (November 2023) of the effectiveness of the updated ISMS and confirmed a successful transition.

All organisations certified to ISO27001:2013 need to transition to ISO27001:2022 by October 2025. Having transitioned in 2023 shows our security posture and ability to adapt to evolving threats.

For the transition the Information Security Auditor:

1.    Conducted a gap analysis to identify any gaps from the existing standard to the new requirements.
2.    Revised and updated policies and procedures.
3.    Conducted internal audits on the 93 controls and the clauses which had been updated to verify that the updated ISMS complies with the new standard.

Get in touch today to understand the change in more detail, or how regulatory requirements might affect your business.  

“We have now successfully transitioned over to the new ISO 27001:2022 standard which includes additional IT security controls, which is one of the most complex and demanding ISO standards out there. This is a fantastic achievement for Restore Digital and for our customers.”

Martin Fiddler | Head of Compliance at Restore Digital 


Key benefits of ISO27001:2022:

  • Risk Management Approach: The 2022 version emphasises a risk-based approach that is more adaptive and responsive to the changing threat landscape. It provides clearer guidance on risk assessment and treatment.
  • Adaptability and Continuous Improvement: The 2022 revision stresses the need for continual improvement and adaptability. Organisations are encouraged to regularly review and update their security measures to address emerging threats.
  • Integration with other Management Systems: The updated standard encourages better integration with other management systems, fostering a more holistic approach to organisational management.
  • Human Factors: There’s increased focus on human aspects of security, such as training, awareness, and competence of personnel. This recognises the crucial role people play in maintaining security.
  • Documentation Requirements: The documentation requirements have been refined to focus on necessary documentation without being overly prescriptive, giving organisations more flexibility in their approach.


Restore Digital certifications and what they mean 

At Restore Digital, we pride ourselves on continuous improvement to ensure our clients benefit from the latest advancements in technology and see us as a trusted partner. 

Maintaining accreditation often involves a commitment to ongoing training and improvement, but our team are committed to upholding the highest standards to keep your data safe and secure. 

Ensures we meet the highest statutory and regulatory standards throughout the business.

Ensures a unified, clear framework for Occupational Health and Safety performance. The goal of ISO 45001 is the reduction of occupational risk and hazards, including promoting and protecting physical and mental health.

The international standard for information security management systems (ISMS). Allows us to work with customers to meet their needs and expectations for security controls and information handling.

This certification enables us to monitor our ESG performance, reduce our carbon footprint, build awareness among Restore Digital colleagues and establish compliance with all applicable environmental regulations while pursuing continuous improvement through the use of indicators and controls that allow for meaningful changes. This aligns with our ESG strategy and becoming Net-Zero by 2035.

With this certification, the likelihood of disruptive incidents is reduced, and preparedness to respond and recover from such an incident, whether it is man-made or natural, is ensured. Both physical and digital threats are addressed by employing well-defined guidelines that require secure data backups, minimise losses, and speed up the recovery time of critical functions.

This outlines best practice for the implementation and operation of electronic information management systems, including the storage and transfer of information. This certification provides the standards required for protecting sensitive data held by Restore Digital.
