ISO27001:2013 Achieved

In July 2021, Compass Informatics was certified to the ISO27001:2013 Information Security standard (Certificate Number: 11752-ISMS-009). 

This reflects the on-going investment in information security and in overall company processes – in order to enable the team to provide ever-improving services to our highly valued client organisations.

As a data-led business, Compass has always employed class leading tools and processes for data storage and management, so we were already in an excellent place. Our certification is validation of the excellence that permeates the work with do for our varied client base.

 

About ISO27001:2013

ISO 27001:2013, also known as ISO/IEC 27001:2013, is an internationally recognised standard for information security management systems (ISMS).

Published by the International Organisation for Standardisation (ISO) and the International Electrotechnical Commission (IEC), it provides a framework for establishing, implementing, maintaining, and continually improving an organisation’s information security management system.

The standard sets out the requirements for establishing, implementing, maintaining, and continually improving an ISMS within the context of overall business risks.

It adopts a risk-based approach, emphasising the importance of identifying and assessing information security risks and implementing appropriate controls to manage those risks effectively.

 

The key principles of ISO27001:2013

Risk assessment and management

The standard requires organisations to conduct a systematic assessment of their information security risks, considering the likelihood and impact of potential incidents. This includes identifying assets, threats, vulnerabilities, and the potential consequences of a security breach.

Organisational Context

ISO27001:2013 emphasises the importance of understanding the organisation’s context, including its internal and external factors that can affect its information security objectives. This helps in establishing a risk management framework that aligns with the organisation’s goals and priorities.

Leadership and commitment

The standard requires top management to demonstrate leadership and commitment to information security by establishing an information security policy, assigning responsibilities, and providing the necessary resources for the ISMS implementation and maintenance.

Continual improvement

ISO27001:2013 promotes a culture of continual improvement in information security management. It encourages organisations to monitor, measure, analyse, and evaluate their ISMS performance, and take appropriate actions to address any identified gaps or areas for improvement.

Documentation and control

The standard requires organisations to establish and maintain documented information that supports the operation of the ISMS. This includes policies, procedures, guidelines, and records related to information security.

It also emphasises the importance of implementing controls to mitigate identified risks.

Our Team - ISO27001:2013 Information Security


Thanks to all our team for the commitment to the ongoing ISO27001 process.

About TGI

Tracsis Geo Intelligence, a sister company of Compass Informatics, emerges with a sharpened focus on Earth Observation, Sustainability, and the UK Market.

Building upon the expertise and experience of Compass Informatics, Tracsis Geo Intelligence offers a comprehensive suite of geospatial solutions.

Compass Informatics is a leading provider of geospatial solutions, specialising in the application of GIS, IT, and mobile technologies across various sectors, including transportation, environment and natural resources.

Tracsis Geo Intelligence and Compass Informatics are both part of the Tracsis Group.

To learn more about this project, and how the solution provided may benefit your organisation, please contact our team at contact@tracsis-geointelligence.com.