What is the ISO 27001 certification?
- Systematically evaluate information security risks, taking into account the impact of threats and vulnerabilities.
- Design and implement a comprehensive suite of information security controls and other forms of risk management to address organisational and architecture security risks.
- Adopt an overarching management process to ensure that the information security controls meet the information security needs on an ongoing basis.
- Develop and maintain an organisational culture that embraces cyber and information security as part of daily operations.
How does this certification impact Griffiths & Armour?
We welcome the ISO 27001 standard and best practices into our organisation.
Griffiths & Armour’s implementation of and alignment with ISO 27001 demonstrates a commitment to information security at every level of the organisation. The assessment by an independent third-party auditor to validate alignment with the ISO 27001 standard has been a valuable process. Compliance with the internationally-recognised standard and code of practice is evidence that our security system are comprehensive and in accordance with industry leading best practices.
The certification confirms Griffiths & Armour’s commitment to the security, confidentiality, and continued availability of client services. The key to these standards is the development, implementation, and continuous improvement of the firms’ rigorous security management program, which forms the foundation of Griffiths & Armour’s security approach.
Which Griffiths & Armour entities are covered by the accreditation?
- Griffiths & Armour
- Griffiths & Armour Professional Risks
- Griffiths & Armour Insurance Brokers
- Griffiths & Armour Global Risks Limited
- Griffiths & Armour Risk Management Limited
- Griffiths & Armour (Holdings) Limited
- Griffiths & Armour Europe DAC
What does this mean to you as a client?
ISO 27001 certification demonstrates Griffiths & Armour’s commitment to information security at every level. Compliance with this internationally-recognised standard, validated by an independent third-party audit, confirms that our security management program is comprehensive and follows leading practices.
This certification provides more clarity and assurance for clients when evaluating the breadth and strength of security practices.
Who is the certifying body?
The British Standard Institute (BSI), an ISO certifying agent accredited by UKAS Management Systems.
Can you provide a copy of the ISO 27001 standard?
The ISO 27001 standard keeps information assets secure and provides additional security for organisations to manage their assets, for example financial information, intellectual property, employee details or information entrusted by third parties. ISO has made the decision to copyright these standards in an effort to help fund the processes leading to development.
David Atkinson, Head of Technology at Griffiths & Armour said:
“As a firm we already hold UK information security standards Cyber Essentials and Cyber Essentials Plus certifications, but as cyber threats and risks to businesses continue to evolve, this ISO 27001 accreditation further reinforces Griffiths & Armour’s ongoing commitment to protecting our firm and clients from developing risks in the fast-moving cyber landscape. We worked closely and collaboratively with SureCloud to achieve certification, and our thanks go to them for all their help and assistance”.
Ben Jepson, VP at SureCloud added:
“We were delighted to assist Griffiths & Armour on its ISO 27001 journey, helping them to achieve certification and a plan to maintain it moving forward. Our Capabilities bring together the right combination of Gartner-recognised Governance, Risk and Compliance (GRC) software and world-class cyber and risk expertise, whether working towards an ISO certification or managing third-party risk. We pride ourselves on providing the necessary support, through technology and consultancy”.