Back

Five reasons for choosing an ISO-certified supply

Becoming an ISO-certified business is a long time-consuming process. The certification gives our customers an assurance that the products and services we supply are of high quality.

2.November 2022
Written by Admincontrol



ISO certification gives our customers an assurance that the products and services we supply are of high quality. It also demonstrates that Admincontrol takes security very seriously, says the company’s Head of Security.

Ole Martin Refvik, Head of Security at Admincontrol, explains that the company dedicated two years to achieving its ISO 27001:2013 certification.

IT security working from home

Refvik believes that all companies should focus on ISO certification when choosing suppliers, not least for solutions where security is important, as in the case of a board portal.

Here are Refvik’s five reasons for choosing an ISO-certified supplier:

1.Trust – An ISO-certification means you can trust that the company takes security very seriously

ISO 27001:2013 is an international standard describing best practice for an Information Security Management System (ISMS). An ISO 27001:2013 certificate is an attestation from an accredited and independent third party that the company has systems and routines that meet this standard. It is a seal of approval, and means that, as a customer, you can have complete trust that the company takes security very seriously.

2.Continuity – The ISO-certification means the company is continuously improving security measurements

If the company is ISO-certified, it is subject to continuous security measurements and obliged to perform annual controls to ensure that its guidelines, processes and procedures are implemented optimally. This makes it possible for a supplier to monitor and assess each individual production phase and adapt to advances in technology. This helps to establish a robust information security culture. If you choose an ISO-certified company, you can be certain that the company works continuously to improve its services and that it has up-to-date systems you can always rely on.

3.Being ISO-certified means having optimum security controls in place

With continuous improvements of the security controls integrated in the ISO 27001 standard, implemented with a risk-focused approach, an ISO 27001-certified supplier will have the optimum security controls in place for the data that it processes. If the supplier processes confidential data as part of its standard service, and is ISO-certified for this, you can be certain that security is also optimised for this purpose.


4.Being ISO-certified means being a dedicated supplier

Opting to become ISO-certified is a commitment that requires a lot of time and resources. For precisely this reason, you can be confident that, if the supplier has put itself through this process, the company is dedicated to maintaining the highest possible standards and delivering exceptional products and services to its customers. It is important to note that ISO certification is not a one-off event. To retain its ISO certification, the company is audited annually to ensure compliance with the standard and guarantee that it will continue to supply a high quality, premium service.

An ISO-certification demonstrates compliance


Certification demonstrates compliance. ISO 27001 is a global standard and often referred to in both general terms and in legal provisions as a method for achieving good data security. In today’s world, with its increasing focus on compliance with laws and regulations, such as the GDPR, you should only choose suppliers who can prove that they have everything in order. If the supplier is unable to certify that they have everything in place, this may expose you to increased risk and make you directly responsible.


Have your company got safe IT-systems in place?

 

At Admincontrol we have recently been looking at these issues in depth and have produced a handbook for boards on how to manage the impact of hybrid working on cybersecurity.
 
Download eBook:
New call-to-action