Each month Signum processes in excess of 1 million active subscriptions, 2.5 petabytes of data usage, 200 million voice minutes and 25 million SMS events. Ensuring the security of our clients’ data has always been of the highest priority for the team, which we reflect in our internal processes and technology partners we use.
As the next step in our journey, we sought to obtain ISO27001 accreditation from a UKAS accredited assessment body, cementing our reputation as a business that takes information security seriously and considers it in everything that we do. ISO27001 is the internationally recognised specification for an Information Security Management System (ISMS), and it is one of the most popular standards for information security.
Obtaining ISO27001 accreditation was a significant undertaking and investment for the business. Our selected partner, 2sb, skilfully guided us through the process which took six months, from engagement through to accreditation. As you would expect, the scope of the process was wide ranging and thorough. To start with, we worked to define our security objectives as a business, develop a security policy and undertake an initial assessment. We then moved on to establish appropriate policies and procedures, an auditing framework and embed risk management in the organisation. As we already had an ISO9001 accreditation, on successful completion of the ISO27001 process we decided to amalgamate the two standards to streamline our controls, review and auditing procedures.
All of this gives us confidence that we can meet the high expectations and contractual obligations of our customers. Of course, the threat landscape is always evolving, and Signum remains committed to continually evaluating and reacting to these changes to keep our data and systems safe.