Why Choose Advent IM? ...
  1. Years of experience in advising customers on implementing ISO27001 
  2. Unique approach to mentoring and knowledge transfer
  3. We have a 100% track record of customers being recommended for certification
  4. One size does not fit all - our approach ensures your system is specific to the risks your charity faces
  5. We work in partnership with you to deliver meaningful consultancy
  6. We have been recommended for ISO27001 certification ourselves - so we know what's involved!

ISO27001 for Charities

Oh no! I hear you cry. Not another standard to comply with. But for once here is a standard that can really help.

With funding from local government to charities set to significantly decrease and the general economic climate affecting voluntary donations, charities are undoubtedly finding this a tough period. The government's move towards the Big Society is also presenting new challenges regarding the handling of sensitive and personal data and information security for charities in general.

So why ISO27001?

  • It’s a flexible standard designed to provide guidelines that can be adapted to suit every charity - large or small
  • It’s based on common sense security and you may find that you already do a lot of what is needed, you just don't document it
  • It will make you more attractive to receive government funding because you will be seen as addressing security
  • It is risk based so implemented in line with your charity's key information security issues
  • It’s an internationally recognised standard so gives confidence and trust in your management of data to your supporters and funding agents in the UK and overseas
  • It promotes a process approach which applies a continuous cycle of review and awareness, making it an effective system which everyone understands
  • If you have ISO9001, ISO27001 can be integrated into your existing management system
  • Implementing ISO27001 goes a long way towards achieving and maintaining compliance with PCI-DSS

Still not convinced?

Your peers are! Representatives from the voluntary and charitable sectors attended a workshop held at Cabinet Office on the 13th July 2010 to look at Information Assurance Reform.  From that workshop the following principles were raised as a starting point:

  1. Reform to provide a more efficient, effective, and proactive approach to information risk management; providing value to the business, as well as reducing burden, and costs
  2. Delivery IA that anticipates and enables new uses of information, technology and greater connectivity
  3. An approach that will support public trust with clear metrics that enable benchmarking and implementation monitoring
  4. Wherever possible, seek a consistent approach to developing IA capability
  5. Build a culture where information risk management is mainstream; where staff at all levels value and clearly understand how to use information appropriately and their accountability for doing so
  6. Coordinate existing work wherever possible and be accompanied by an implementation plan

Source: http://www.charitiessecurityforum.org.uk/news

ISO27001 compliance and, better still, certification will go a long way to addressing those principles and driving the reform charities seek.

Contact us now to find out more about our services and how they can benefit your charity.