EN ISO/IEC 27001:2013
We would like to share with you our Information Security Management System (ISMS) and GDPR plans.
Ahead of the GDPR compliance deadline, Medhurst have embarked on the implementation process of the ISO 27001:2013 accreditation. ISO/IEC 27001 is the best-known International standard providing requirements for an Information Security Management System (ISMS).
We believe that achieving ISO 27001:2013 accreditation demonstrates our commitment to follow information security best practice, backed by an independent, expert assessment.
To assist with our accreditation, we will be working with The British Assessment Bureau (BAB), a UKAS accredited authority for auditing and certification and BusinessFlow, an ISO and BS EN standards implementation specialist.
Our Stage 1 audit was completed in March 2018 and Stage 2 final audit will be June 2018.
Throughout this process we are committed to being GDPR compliant no later than the deadline date of 25th May 2018.
Ahead of the GDPR deadline, we will be in contact with details relating to our ISMS and the statements and policies that you will require from us for your own GDPR compliance.
Please do contact us with any queries you may have. Letters of commitment from BusinessFlow and The British Assessment Bureau can be viewed below along with our Information Security Policy.
Medhurst Information Security Policy
BAB Letter of commitment
BusinessFlow letter of commitment
Comments are closed.