OUR CLOUD EXPLAINED
Accreditations
ISO 9001
ISO 9001 is an internationally recognised standard for quality management systems (QMS). It provides a framework for companies to ensure they consistently meet customer and other stakeholder needs within statutory and regulatory requirements related to a product or service. ISO 9001 is based on several quality management principles, including a strong customer focus, the involvement of high-level company management, a process approach, and continual improvement. Achieving ISO 9001 certification demonstrates a company's commitment to quality products and services and to continuous improvement of their systems.
ISO 10002
ISO 9001 is an internationally recognised standard for quality management systems (QMS). It provides a framework for companies to ensure they consistently meet customer and other stakeholder needs within statutory and regulatory requirements related to a product or service. ISO 9001 is based on several quality management principles, including a strong customer focus, the involvement of high-level company management, a process approach, and continual improvement. Achieving ISO 9001 certification demonstrates a company's commitment to quality products and services and to continuous improvement of their systems.
ISO 14001
ISO 14001 is an internationally recognised standard for Environmental Management Systems (EMS). It provides a framework for organisations to protect the environment, respond to changing environmental conditions in balance with socio-economic needs, and ensure compliance with environmental laws and regulations. The standard focuses on continuous improvement and helps organisations achieve environmental objectives through more efficient use of resources and waste reduction.
ISO 20000
ISO/IEC 20000-1 is an international standard that specifies requirements for establishing, implementing, maintaining, and continually improving a Service Management System (SMS). The standard is designed to help organisations effectively manage and deliver IT services to their customers. It encompasses all aspects of IT service management, including planning, design, transition, delivery, and improvement of services to meet agreed service requirements and provide value.
ISO 22301
ISO 22301 is an international Business Continuity Management Systems (BCMS) standard. It specifies requirements to plan, establish, implement, operate, monitor, review, maintain, and continually improve a documented management system to protect against, reduce the likelihood of occurrence, prepare for, respond to, and recover from disruptive incidents when they arise. ISO 22301 is designed to ensure the resilience and recovery capabilities of an organisation, enabling it to continue operating during and after a disruptive event.
ISO 27001
ISO 27001 is an international Information Security Management Systems (ISMS) standard. It provides a framework for organisations to establish, implement, operate, monitor, review, maintain, and continually improve their information security management. The standard sets out the criteria for managing and securing sensitive company information, including employee details, financial information, intellectual property, and information entrusted by third parties. ISO 27001 emphasises a risk management process involving people, processes, and IT systems, thereby ensuring the confidentiality, integrity, and availability of information.
ISO 27017
ISO/IEC 27017 is an international code of practice for information security controls tailored to cloud services. This standard provides additional information security control implementation guidance beyond ISO/IEC 27002, focusing on cloud service providers and customers. It addresses areas such as cloud-specific threats and risks, customer and cloud service provider responsibilities, and the management of cloud environments. ISO 27017 enhances the existing Information Security Management Systems (ISMS) with cloud-specific guidelines, helping organisations manage the security of their cloud-based assets effectively.
ISO 27018
ISO/IEC 27018 is an international standard providing guidelines for protecting personal data in cloud services. It establishes commonly accepted control objectives, controls, and guidelines for implementing measures to protect Personally Identifiable Information (PII) following privacy principles in the cloud computing environment. This standard applies to both cloud service providers and users, focusing on ensuring data privacy and compliance with regulations like GDPR. ISO 27018 enhances cloud computing security and privacy, addressing public cloud PII protection specifically.
ISO 25001
ISO 25001 is an international standard related to software quality requirements and evaluation. It guides organisations and professionals on the management and engineering of software product quality requirements. This standard is a part of the ISO/IEC 25000 series, also known as SQuaRE (Software product Quality Requirements and Evaluation). ISO 25001 assists in specifying and evaluating quality requirements, ensuring that software products satisfy stated and implied needs under specified conditions. It's particularly useful for software developers, testers, users, and business managers involved in software development and procurement.
BS 1573
BS EN 1573:2015 is a British-Adopted European Standard that specifies the general requirements for the design of transport labels containing linear barcodes and two-dimensional symbols for use by various industries. It provides guidelines for traceability of transported units through a unique transport unit identifier code, supplemented by other identified data presented in both barcode and human-readable form. The standard also includes recommendations on label material, size, the inclusion of free text, and graphics. It is aligned with ISO 15394:2009, but with additional details specific to the European context and additional advice based on updates since the publication of ISO 15394
Safe Supplier
"Safe Supplier" is a verification scheme offered by Alcumus SafeContractor. This verification assures customers that the supplier meets various standards, including environmental and quality management, health and safety, and corporate social responsibility. The program covers key topics like business and professional standing, financial and risk management, and environmental practice.
Cyber Essentials +
Cyber Essentials Plus is an advanced level of certification within the UK's Cyber Essentials scheme. It involves a technical audit of the systems that are in-scope for Cyber Essentials, including a representative set of user devices, all internet gateways, and all servers with services accessible to unauthenticated internet users. The Plus level includes all the requirements of the basic Cyber Essentials certification but with an additional independent assessment of the security controls, where an assessor will perform tests to ensure the controls are in place. This certification provides a higher level of assurance through the external testing of an organisation's cybersecurity approach.