“We were walked through the ISO 27001 process at a pace that suited us and, with the help of the auditor, the whole process ran smoothly!”
Jo Rodriguez, Mentor Chief Operational Officer
Mentor Ltd provides bespoke design services for clients developing silicon chips for their products; where project data is highly confidential. Certification to ISO 27001 assures clients their information is kept secure and demonstrates a commitment to delivering an exceptional service.
• Integrated circuit design consultancy achieve ISO 27001
• Demonstrates to clients that their data is secure
• Reinforces the confidentiality of each project
• Has engaged employees on the importance of all procedures
“ISO 27001 is an internationally recognised standard – and we were looking to provide best practice to our global customer base. As a result, we have systematically audited our processes and procedures.”
THE CHALLENGE
Jo Rodriguez, Chief Operational Officer, highlights the importance of keeping client data secure in order to provide their promised high quality of service. Mentor needed a solution to illustrate they take their client’s sensitive information seriously.
“Any information concerning the design of a client’s new product is highly confidential and subject to Non-Disclosure Agreements. Mentor has to handle customer data in a secure and confidential way.”
THE SOLUTION
Mentor strives to demonstrate their commitment to site physical data security including risk management for their international existing and prospective clients. Joe and her colleagues explored how the Information Security Management Standard, ISO 27001, could benefit the business, projects and employees alike.
“ISO 27001 is an internationally recognised standard – and we were looking to demonstrate we meet best practice to our global customer base.”
With the need to prove data stored at Mentor is secure, ISO 27001 provided the company with the opportunity to reassure clients that strict procedures are in place and that staff are compliant. Joe commented;
“It is important that our customers know that their data is secure, and that the employees within the company are engaged and aware of the importance of this. Staff often have to abide by specific physical and data security requirements specified by the customer – so 27001 is an added reassurance.”
The start of the certification process begins with an initial Stage 1 audit by a ISMS ALLIANCE assessor. A Gap Analysis is included so organisations come away knowing exactly what is needed in order to achieve successful certification. While the idea of an audit can be daunting, the reality is many businesses are doing plenty of good things already, it’s just that processes aren’t formalized. Joe commented on the audit experience;
“We were walked through the ISO process at a pace that suited us and, with the help of the auditor, the whole process ran smoothly!”
By implementing ISO 27001, Mentor had the opportunity to benchmark their
existing procedures and involve their staff. Implementation increased understanding of the importance of data security, resulting in improved internal communication and client satisfaction. Joe explained;
“The process of bringing together all the relevant procedures has involved all employees engaging with this subject, whilst re-enforcing the importance of ensuring our customers are receiving the best possible service.”
THE RESULTS
For Mentor’s clients, ISO 27001 promises the company is committed to keeping client’s data secure and having procedures in place to solve issues that may arise. Mentor join the likes of Xerox in providing assurance to their clients that data is safe in their hands, thanks to help from ISO 27001. Joe rounded up with how ISO 27001 compliments the business ethos;
“We are always looking to highlight to customers that we are a professional consultancy, following best practice and monitoring our physical security and data
on an on-going basis. As a result [of ISO 27001:2013] we have systematically audited our processes and procedures.”