ISO 27001 is the most popular information security standard worldwide. It sets out the processes and requirements of how organisations should manage their information security.
Organisations that demonstrate they meet the requirements, and successfully complete an external audit, can become certified ISO 27001. As information security specialists, Monmouth Partners supports all types of organisations to attain certification.
What we did
Trapeze Group provides software solutions to support public transport services across the UK. As part of their commitment to information security compliance, they wanted certification under the international information security standard, ISO 27001.
With no internal resource with experience in achieving the standard, Monmouth guided them through the requirements, specifically around risk assessment of assets, risk treatment planning and statement of applicability.
Monmouth worked with Trapeze Group’s Chief Technology Officer and IT Manager to support the activities required to plug gaps identified in their current processes. This included reviewing and amending policy documentation, reviewing risk treatment approach and working through the asset risk assessment process with the local team.
Trapeze Group successfully achieved certified ISO 27001 status following an external audit.
“Monmouth provided very helpful advice on how we needed to get ready for our ISO 27001 audit. Alan did a good job of de-mystifying what was required. We found Monmouth’s support to be invaluable in updating our management system to ensure it was compliant with the regulations,”
Peter Bell, Chief Technology Officer, Trapeze Group UK