Stage 2 Gaining approval
This is the second part of our initial audit and takes place after we’ve successfully completed Stage 1 and corrected any nonconformities.
Stage 2 confirms your management system is fully aligned to the standard and is fully operational within your organization. We’ll evaluate the implementation and its effectiveness, and make a recommendation for your formal certification.
As part of the Audit process, our BSI Auditor, Isaac Bizimana.
- Gathered evidence of our alignment to the requirements of the standard
- Checked that our management system complies with appropriate legal requirements
- Evaluated the overall effectiveness and relevance of our management system
- Asked us to demonstrate clear monitoring, measuring, reporting, and reviewing of our system against key performance objectives
- Evaluated the operational control of our processes
- Ensured that internal audits and sufficient management reviews had been undertaken
- Evaluated how our management system is performing compared to our objectives
- Once our Stage 2 assessment was complete, there were two minor non-conformances that needed to be addressed, which meant some final improvements.
- These were resolved with a corrective action plan
- As with Stage 1, these were seen as a positive way of improving our management system.
- Isaac once satisfied that we had satisfactorily resolved our NCs he made a positive recommendation for certification for review by BSI’s compliance team
We are now awaiting, with bated breath, news of the review.
ISO/IEC 27001 is an internationally recognised best practice framework for an information security management system (ISMS). It helps organisations identify risks and puts in place security measures that are right for their business, so that they can manage or reduce risks to their information and data.
By achieving ISO/IEC 27001 certification, it means we can demonstrate that our ISMS meets international best-practice and show customers, suppliers, and the market place that our organisation has the ability to handle information and data securely.
Mark Wilding say’s again “This is testament to all the hard work from all our staff to achieve another industry accreditation and the reason we do these is to offer our client’s complete peace of mind knowing that all our processes are independently audited to a particular standard and none higher than the British Standards or the ISO, especially from a UKAS accredited company”
The ISO International Standards ensure that products and services are safe, reliable and of good quality. For business, they are strategic tools that reduce costs by minimising waste and errors and increasing productivity. They help companies to access new markets, level the playing field for developing countries and facilitate free and fair global trade.’
Concept offer a Duty of Care pack to aid due diligence and this can be seen by clicking on our Accreditations page.