The Ideas Distillery
  • Home
  • ISO systems
    • Benefits of ISO systems
    • How to get (and keep!) ISO certification
    • ISO certification FAQs
  • Implementation
    • ISO Implementation overview
    • ISO 9001 QMS Support
    • ISO 14001 EMS Support
    • ISO 45001 H&SMS Support
    • ISO 27001 ISMS Support
    • Certification Threshold Service®
  • Maintenance
    • Maintenance Services Overview
    • Certifications Compliance Package - Bronze
    • Certifications Compliance Package - Silver
    • Certifications Compliance Package - Gold
    • Internal Audits Service
    • Online Compliance Management
  • Improvement
    • Business Process Mapping
    • ISOs and business improvement book
    • ID TV Channel
  • About
    • Contact
    • About Us
    • Meet our team
    • Video Testimonials
    • Blog
    • Knowledge Base
    • Press Room

Surviving the covid-19 economic fallout: should you BE outsourcING your iso compliance?

5/22/2020

0 Comments

 
Businesses surviving COVID-19 ISO compliance
Millions of people around the world have lost their jobs amid the current Covid-19 crisis - it is a crisis within a crisis. The long-term economic impact is yet unknown but will surely be deep.

What is not in doubt is that the economic strain on companies of all sizes across the UK and the rest of the world will be here for the foreseeable future. Manufacturers have closed plants, stores are shut, and consumer demand has collapsed in many sectors.

Research by the Institute for Social and Economic Research at the University of Essex has found that more than 6.5 million jobs could be lost due to the economic fallout from the UK’s coronavirus lockdown, about a quarter of the UK’s total jobs.

A simply staggering number of companies have plunged into administration, from stalwart high street brands to major travel agents, as well as a whole raft of businesses in sectors such as construction. The true toll is only just beginning to be understood.

So it’s no surprise that companies which are still managing to keep their heads above water will be starting to look at deep cost-cutting measures in the short- and medium-term. With profit centres being hit like never before, cost centres such as ISO compliance will undoubtedly have fewer resources until the economy turns around.

What does this mean for the ISO compliance functions of companies that are struggling?

In practical terms, they will have to make risk-based decisions about how to allocate the limited resources that they have. And one important thing to think about is how you can use the expertise of companies such as The Ideas Distillery to outsource your compliance tasks cost-effectively with little overhead.

Certification Bodies have recognised, for the moment at least, that the world has changed significantly. Just about all have turned to ‘remote auditing’ as a way to still service clients while still respecting the lockdown. There has also been the option of postponing for up to six months in many circumstances, although this option is now starting to wind down.

Any company’s priority will simply be to put themselves in a position to survive the crisis. So when dealing with budget constraints and limited compliance resources, flexibility and creativity will be key.

For our part, when we are helping businesses in these scenarios, we always assess risk and conduct a review with the aim of identifying core ISO compliance requirements. This often entails a historic review of internal procedures and controls to identify past activities or other problems to determine where the biggest risks reside.

​External industry risks such as enforcement actions brought against competitors should be considered as well, along with identifying low-risk areas where there have been few incidents or problems.

But more significantly, we help companies to determine if new, immediate significant risks have arisen due to the pandemic. Another emerging risk may exist in a company’s sales department, for example, perhaps due to the pressures of bringing in new business. This may be an area that leads to an increase in customer complaints as things are missed.

The crisis may have caused companies to find new suppliers that have not been fully vetted due to time pressures. Likewise, the pandemic may have caused substantial risks to employee safety associated with reopening businesses. This emerging risk will likely call for the development of new policies and procedures that will require close oversight by senior management.

For more information - and to see how we can help - just get in touch with us in any number of ways using on our Contact page.

If you would like to look at how to implement an ISO 9001 quality management system, then simply contact us.

Or, if you want to see what's involved in more detail, then get a completely free, no obligation, totally tailored ISO Gap Analysis for your business (only available to UK businesses).

0 Comments

what is AN ISO 27001 INFORMATION SECURITY MANAGEMENT SYSTEM?

5/14/2020

0 Comments

 
​Achieving certification to ISO 27001 demonstrates that your company is following information security best practice, and delivers an independent, expert assessment of whether the data you are handling is adequately protected.

Information is the lifeblood of any business – this is especially true if your clients have entrusted their valuable data to you. Maintaining an information security management system (ISMS) is the most effective way of reducing the risk of suffering a data breach.

An ISMS is a systematic approach to managing the security of sensitive information and is designed to identify, manage and reduce the range of threats to which your information is regularly subjected.

​There are a whole host of benefits to getting ISO 27001, such as demonstrating credibility when tendering for contracts, showing you are taking cyber security threats seriously, and avoiding fines and penalties.
Picture
We identify the key requirements of ISO 27001 for you and provide a top level route map for a successful ISMS implementation in your organisation. We will outline a structured approach to implementation based around:

  • Planning. Defining the scope of the ISMS. Undertaking a Gap Analysis to assess management system requirements and controls currently implemented. Defining your information security policy. Creating a network map to identify all of your organisation’s devices that are connected, as well as their functions. Produce a data map in respect of all personal data held/used by your organisation.
  • Creating a list of relevant risks that would compromise the confidentiality, integrity and availability of your information.
  • Defining a systematic approach to risk assessment. 
  • Carrying out risk assessments to identify and evaluate information security risks. 
  • Identifying and evaluating options for the treatment of these risks. 
  • Selecting, for each risk, the controls to be implemented.
  • Preparing a statement of applicability (SoA).
  • Formulating a risk treatment plan for approval by risk owners. 
  • Meeting your organisation’s ongoing legal, regulatory and contractual obligations through a Compliance Legal Register and Key Issues Newsletter.

If you would like to look at how to implement an ISO 27001 information security management system, then simply contact us.

Or, if you want to see what's involved in more detail, then get a completely free, no obligation, totally tailored ISO Gap Analysis for your business (only available to UK businesses).
0 Comments
      NEVER MISS AN ARTICLE - SIGN UP FOR OUR BLOG UPDATES
    Submit

    Welcome

    Here you'll find the latest blog articles on all things compliance, particularly focussed on quality, environment, health & safety and information security.


    Get a completely free, no obligation, totally tailored ISO Gap Analysis for your business...
    FREE ISO GAP ANALYSIS

    Categories

    All
    Environment
    Health And Safety
    Information Security
    ISO Management System
    Quality


    Archives

    April 2022
    March 2022
    February 2022
    January 2022
    December 2021
    November 2021
    October 2021
    September 2021
    August 2021
    July 2021
    June 2021
    May 2021
    April 2021
    March 2021
    February 2021
    January 2021
    December 2020
    November 2020
    October 2020
    September 2020
    July 2020
    June 2020
    May 2020
    April 2020
    February 2020
    January 2020
    December 2019
    October 2019
    September 2019
    August 2019
    July 2019
    June 2019
    May 2019
    April 2019
    March 2019
    February 2019
    January 2019
    December 2018
    November 2018
    October 2018
    September 2018
    August 2018

    RSS Feed

Ideas Distillery logo
T: 029 2196 1066
E: info@ideasdistillery.co.uk
Picture
Picture
Read about our ISO implementation services...

Read about our ISO maintenance services...

Sign up to our free, genuinely useful Monthly Newsletter full of ISO news, regulation bulletins, top tools and blogs
​GDPR Data and Information Policy
​Privacy Policy
HTML sitemap
XML sitemap
  • Home
  • ISO systems
    • Benefits of ISO systems
    • How to get (and keep!) ISO certification
    • ISO certification FAQs
  • Implementation
    • ISO Implementation overview
    • ISO 9001 QMS Support
    • ISO 14001 EMS Support
    • ISO 45001 H&SMS Support
    • ISO 27001 ISMS Support
    • Certification Threshold Service®
  • Maintenance
    • Maintenance Services Overview
    • Certifications Compliance Package - Bronze
    • Certifications Compliance Package - Silver
    • Certifications Compliance Package - Gold
    • Internal Audits Service
    • Online Compliance Management
  • Improvement
    • Business Process Mapping
    • ISOs and business improvement book
    • ID TV Channel
  • About
    • Contact
    • About Us
    • Meet our team
    • Video Testimonials
    • Blog
    • Knowledge Base
    • Press Room