Prosperity 24/7, the Jersey headquartered technology and business consulting practice with offices in Guernsey and Edinburgh, has become ISO27001 certified for its information security management system.
ISO 27001 is the global information security management system (ISMS) standard. It offers a structured approach to safeguard data and manage information security effectively.
The certification strengthens a business’s information security by mitigating risk and ensuring regulatory compliance. It works to strengthen organisations’ information security position building brand trust and supporting its digital transformation capabilities.
Geraldine Evans (pictured), Chief Operating Officer of Prosperity 24/7, explained the process to achieve the certification: “After our initial consultation with the BSI Compliance Team, they understood our needs and created a plan to achieve ISO27001 certification. We reviewed our policies and procedures to align with ISO standards, identifying gaps and required controls and put an action plan into place. After we ensured the Information Security Management System was well-established, we launched a training programme to help all staff understand its benefits. BSI then returned to conducted a thorough audit to ensure compliance to the ISO standards. Now, we focus on continuous improvement to maintain our certification and adapt to evolving security threats.
“We are delighted to achieve this certification which required the efforts of the whole team to adapt to new ways of working over the course of the past year. This complements our existing Cyber Essentials and IASME Cyber Assurance certifications.
“Under the leadership of Stephanie Fox, our Security Solutions team can assist clients in attaining the same level of highly respected trust, helping them safeguard their systems and build confidence with their clients. This is particularly crucial with the Digital Operational Resilience Act (DORA) regulation set to take effect in early 2025, as it provides both us and our clients with assurance regarding our approach to information security and risk management standards.”