11th July 2019
Pentest achieves ISO 27001, ISO 9001 audit, and Cyber Essentials Plus
Pentest Ltd, a Shearwater Group company, has received accreditation under the 27001 information security standards, published by the International Organisation for Standardisation (ISO) and the International Electrotechnical Commission (IEC). ISO 27001 is granted to organisations following a vigorous audit, ensuring that management:
- systematically examines the organisation’s information security risks, taking account of the threats, vulnerabilities, and impacts;
- designs and implements a coherent and comprehensive suite of information security controls and/or other forms of risk treatment (such as risk avoidance or risk transfer) to address those risks that are deemed unacceptable; and
- adopts an overarching management process to ensure that the information security controls continue to meet the organisation’s information security needs on an ongoing basis.
Pentest has also successfully completed the second stage of the ISO 9001 audit. The company is now officially “recommended for certification”.
The ISO standards apply to more than IT security and undergoing the process to achieve these accreditations is part of Pentest and the Group’s commitment to holistic security and organisational resilience.
Cyber Essentials Plus
Pentest has also recently received the Cyber Essentials Plus certification (Via Xcina IS) from the National Cyber Security Center. This process verifies that an organisation’s Information Technology meets requirements under five categories of technical control:
- secure configuration
- user access control
- malware protection
- patch management
More information about the National Cyber Security Centre and the Cyber Essentials program can be found via the link below