- Creating a Risk Assessment process and engaging with risk owners
- Working with risk owners to build and deliver risk treatment plans
- Auditing Mind against the 93 Controls included in the standard and working with teams to deliver the required remediation
- Building and delivering Cyber and ISO 27001 awareness training
- Providing specialist Information Security advice to teams as and when needed
- Creating the custom paperwork, policies and processes required by the standard
- Preparing teams for external audit
- Being the Mind lead during the external audit process
What this certification means for Mind
Mind prioritised embedding the processes and controls thoroughly, which meant the project took 12 months from start to certification. This has resulted in:
- Achieving a prestigious certification in information security, demonstrating Mind’s commitment to cyber security best practice
- Assurance to the board, trustees, partners and regulators that Mind manage Information Security well
- Great confidence for Mind that they have effective processes in place and can manage risk more easily going forward, with Information Security projects prioritised by risk
- Greater awareness across Mind that Information Security is everyone’s responsibility
- An internationally recognised framework to deliver best practice
- Management processes and checks that provide continual improvement