09 Oct 2017

Concerto achieves lead auditor accreditation :ISO 27001:2013 – Information Security Management Lead Auditor

As a leading technology company, Industry recognised best practice in Information Security Management is paramount.

Although not obligatory, Concerto chose to implement the ISO 27001 standards and became accredited in 2015 in order to benefit from the best practice it contains. The ISO 27001 standard relates to Information Security Management and is a key assurance to our clients that all their information assets are secure under any eventuality.

As part of this on-going commitment, Concerto’s Helpdesk Manager, James Burton has now been accredited with the ISO 27001:2013 Lead Auditor accreditation. This means he is fully qualified and equipped with the skills to conduct internal audits, second-party (supplier) and third-party (external) audits.

“From leading the Concerto Service Desk and being heavily involved with our hosting infrastructure I know first-hand how vital information security is for everyone. Obtaining the Lead Auditor qualification has given me many new tools for ensuring that we not only work to the ISO27001 standard but also do everything we can to exceed this to allow our customers the peace of mind that their data is being handled safely and securely. It has also given myself and Concerto the ability to confidently speak to any service providers we use to make sure meet our standards for information security in order to meet the high standards we set for ourselves.”

James Burton, Helpdesk Manager.

To become ISO/IEC 27002:2013 compliant, Concerto has adopted is a systematic approach to managing sensitive company information and mitigating risk so that all data remains secure. This includes the design, development, support and hosting of all our software applications for project, asset and property management. With a qualified auditor in the team, recognised by the International Register of Certificated Auditors (IRCA). Concerto can carry out second party audits to address information security risks where key data is processed or handled by external organisations.

“We are very pleased with James’s accreditation. In line with our Company ethos of best practice, we believe that operating to these standards is necessary to protect our client’s data. James’s accreditation offers added value and reassurance that business continuity and risk management procedures are not only in place, but that they are effectively and continually audited for effectiveness and improvement.”

Kevan Davey, Managing Director.

View demo