ISO information

Why did Aeromark choose to be ISO 22301 certified?

ISO 22301 and a business continuity management system (BCMS) allows Aeromark to ensure our ability to continue operating in an event of a business disruption.

The standard covers all technology systems including employees, business processes and information technologies. By implementing a framework that can monitor issues and keep Aeromark’s operations running smoothly at all times, this standard also helps Aeromark prevent, prepare for and respond to any unexpected incidents.

How ISO 22301 helps

• Reduces impact and frequency of business disruptions
• Enhances our ability to respond when disruptions do occur
• Gives us confidence in our responses and ensures appropriate and agile contingencies
• Better stakeholder/interested party relationships
• Greater visibility of business risks both externally and internally across the organisation
• Increases confidence in our recovery plans
• Shows our clients and supply chain that we are committed to Business Continuity
• Demonstrates a duty of care to our staff, no matter what happens
• Cost savings through mitigating impact of disruptions
• Improves risk identification and brings about a consistent approach across our organisation
• Strengthens Aeromark’s management commitment and ensures BCM is taken seriously
• Increases employee engagement and understanding
• Makes sure sufficient resources are available for BC testing and delivery
• Gives visibility to our employees, suppliers and customers of senior management’s commitment to BCM

How we do this

• It requires us to consider interested parties affected by the BCMS and their requirements and plan out how, when and who we will communicate with
• It makes sure that a BC strategy is developed, that defines acceptable timescales for resumption of activities for both you our customers and our suppliers
• It enables us to understand the impact of risks facing our organisation
• It requires cross organisational working

Why did Aeromark choose to be ISO 27001 certified?

The decision to become accredited to ISO 27001 presents many different challenges to a business. The biggest challenge is the requirement to understand that previous company processes will need to change. Businesses are naturally apprehensive about change, especially in successful firms, however at Aeromark the decision to implement ISO 27001 throughout the entire scope and the change that it would bring was met with positivity.

“Despite having seen reluctance by other software providers to fully manage and minimise risk, we at Aeromark were excited at the idea of becoming certified to the ISO 27001 standards. We wanted our customers to feel assured that their data is protected to internationally accredited standards” - Roger Marks, MD Aeromark.

“Aeromark believe in a proactive approach to securing information security and integrity for our customers. Most service management software providers are only able to offer data centres which are covered by the ISO27001 standard which as a result doesn’t cover the largest part of the risk. At Aeromark our entire business scope is covered by these standards, from our hiring policies to how our team develop our software and of course our datacentres.

"In becoming accredited for both ISO 27001 and ISO 22301 we show Aeromark’s commitment to adhering to the international best practices of data protection and to meet the increasing expectations of our customers” Roger Marks, Managing Director.

Service companies have access to sensitive data for millions of people, and a data breach makes them all potential victims of identity theft. It is important that this data is protected from risk. The map prepared by Norse shows real time attacks happening across the world.

The realisation that many other service management software providers only had accredited data centres while the rest of their business was left lacking encouraged Aeromark to set out to ensure that every aspect of the business was conforming and certified to ISO 27001 standards.

“The ISO/IEC 27000 family of standards helps organizations keep information assets secure. Using this family of standards will help your organization manage the security of assets such as financial information, intellectual property, employee details or information entrusted to you by third parties.”

International Organization for Standardization

How does ISO 27001 benefit our customers?

As business information is the most vital part of any company, most businesses have some form of data security policy in place.

While this policy and the security controls may be introduced with the best intentions, the effectiveness of the policy can be difficult to maintain and organise.

For example, most IT security policies may overlook vital information assets such as paperwork. The ISO 27001 standard was introduced to ensure that all aspects of data security are protected.

ISO 27001 was developed to “provide a model for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an information security management system”.

The specification includes details for documentation, management responsibility, internal audits, continual improvement, and corrective and preventive action.

The standard requires cooperation among all sections of an organisation which is required to apply controls appropriately in line with their specific risks.

Key benefits to our customers

• By becoming ISO 207001 certified Aeromark ensures that it complies with all laws, regulations and contractual requirements related to information security.
• Every security incident, large or small, costs money. Aeromark’s ISO 27001 certification massively reduces the risk of a security incident by identifying business risks.
• Better organization with clearly defined processes and procedures enabling Aeromark to offer an even higher level of service to our customers.
• The ability for Aeromark to offer services to businesses in highly regulated sectors.
• It demonstrates Aeromark’s clear commitment to Information Security Management (ISMS) for our customers.
• It provides a framework to ensure the fulfilment of commercial, contractual and legal responsibilities.
• Implementing and maintaining an information security management system certified to the internationally recognised data security standard, ISO 27001, is the most effective way of reducing the risk of suffering a data breach.
• Reassurance that Aeromark safeguard valuable data and intellectual property to the highest standards.