James Kenealey award
Morson International are pleased to have attained the ISO27001:2013 international standard for information security management systems, enhancing our current provisions beyond current industry requirements.
ISO27001 provides a framework of policies and procedures that includes all legal (GDPR), physical and technical controls involved in the information risk management process of an organisation.
In order to achieve the accreditation, key behavioural changes across the business were required in terms of the effective management of personal sensitive data.
The accreditation covers the approach to both physical security and cyber security. Every employee at Morson International has been required to take mandatory cyber security awareness training, and the cyber threat protection provision used by the business has been penetration tested by independent organisations. A cyber rating was produced in conjunction with BitSight and Morson Cyber Security, which reflected a clear improvement.
Morson International has also worked closely with sister company, design consultancy Morson Projects, to develop the new processes, and further strengthen and test the disaster recovery and business continuity provisions.
“As a business we hold a huge number of candidate records and other sensitive commercial information, so it’s imperative that we are secure,” said Gareth Morris, HSQE director for Morson.
“The work towards this accreditation has come at an opportune time with the recent introduction of the new GDPR laws. We’re very keen to go above and beyond, and this has been a 12-month project.”
“We believe that this accreditation will give both clients and candidates, present and future, the peace of mind and reassurance that their data is protected.”