028 9042 3222 /

+3531 832 1493

[email protected]

Search Logo

Tag: ISO 27001

TouchPlus/Navi Group

Navi Group is the parent company of Axium, DispenSense, iGnite, CarePlus Pharmacy, TouchPlus Technologies and StayWell Pharmacy. From humble beginnings in 2009 with the creation of Axium Buying Group, Navi Group have gone from strength to strength since then, consistently bringing new and innovative IT solutions to the pharmacy market.

The company philosophy is to drive innovation within the pharmacy sector through dynamic retailing, leading technology development and consistent supply of quality products for our partners.

The company has a strong network of over 550 pharmacy partners in Ireland. Every day, more than 4700 pharmacy staff in towns and cities across the country are making significant contributions to their local communities and inspiring customers to live healthier lives.

Navi Group engaged with Quadra initially to assist with the implementation of ISO9001 for the Group. This decision was taken as part of the Company’s overall commitment to quality improvement.

The project started with a gap analysis, which was used to assess how closely Navi Groups controls and processes aligned with the requirements of ISO9001. This gap analysis was used to develop a bespoke action and system structure for Navi Group.  Quadra assisted with the implementation project from start to finish and worked closely with the Management Team Quality to develop a robust Quality Management System structure for the entire organisation. The project also included a full readiness review which simulated the external audit and indicated that the organisation was ready for external certification. External certification was successfully achieved in 2021 and was awarded by SGS. 

Following this initial engagement, Quadra was commissioned to assist with the implementation of ISO27001 for the TouchPlus part of the business. Quadra worked closely with the team to build a robust Information Security Management System. This involved a detailed gap analysis against the standard, development of risk assessment, risk treatment plans and information security policies and procedures. Quadra also performed a full internal in preparation for certification. Successful certification was achieved in 2023. Damian Keenan from TouchPlus commented as follows:

‘We engaged with Quadra to assist the technology side of our business with the implementation of ISO27001. This followed on from our success in achieving ISO9001 with Quadra’s assistance. We found the approach to be very professional and Quadra helped us to understand the requirements of ISO27001 and to apply them in a straightforward way which did not create any unnecessary documents or work. We would have no hesitation in recommending Quadra.’

Graham Construction

Graham Construction is one of Northern Irelands largest companies. This company has grown to provide construction, fit out and facilities management services through the UK.

The company was acutely aware of the need to maximise its success in tendering processes and one critical part of this strategy was to achieve certification to ISO standards. This due to the fact that ISO certification is often a core criterion in construction tendering processes and failure to have such certification can often lead to a low score or failure in a tendering process.

Quadra has been assisting Graham Construction with a range of projects for over 5 years and has helped the company to build a streamlined Integrated Management System for a wide scope of activities. These standards include:

  • ISO9001 Quality Management
  • ISO14001 Environmental Management
  • ISO45001 Health and Safety Management
  • ISO27001 Information Security Management
  • ISO44001 Collaborative Business Relationship Management
  • ISO19650 Building Information Modelling

Achieving and maintaining certification to these standards has been a mammoth achievement and one in which we are proud to have assisted.

Thirteen Group achieve ISO 27001

Thirteen Group, specialising in housing development, owning and managing more than 34,000 homes, provide housing both for rent and sale for more than 70,000 customers across Teesside and other areas of North East England and Yorkshire, as well as support services including money advice, routes into skill and employment, schemes to help people live independently, adaptions to homes and more.

Why ISO 27001?

Being dedicated to development, improvement, and progression Thirteen Group decided to implement ISO 27001, which specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system (ISMS). It includes requirements for the assessment and treatment of information security risks which are tailored to the specific needs of an organisation.

Implementing an ISMS has many benefits including protecting data, increasing resilience to cyber-attacks, demonstrates a commitment to data security and provides a credential when tendering for new business.

The process to certification

Recognising the benefit for their organisation – Thirteen Group decided to appoint Quadra to assist with the implementation of the Information Security standard due to their unrivalled expertise, established reputation and ease of process.

What did Quadra do?

Quadra met with Thirteen Group to understand the business unit operations, gather information, and review the existing information security processes against the requirements of ISO 27001. A risk assessment was conducted after the review to identify key information assets and potential threats and vulnerabilities were identified through the risk assessment process.
Quadra created a Statement of Applicability dealing which of the 114 ISO 27001 controls were deemed to be applicable to Thirteen. Information security policies and procedures were then developed and the information security management system, in line with the requirements of ISO 27001, was implemented. Following this, Quadra carried out a full internal audit of the system to assess and ensure readiness for certification and facilitated a review in assessing the system prior to external audit.

What was the outcome?

Following the two stages of external audit, Thirteen Group were recommended for and achieved ISO 27001 certification. This achievement was of huge importance to all involved within Thirteen, standardising information security management processes throughout the organisation, at an internationally recognised level.

What did the client say?

“Obtaining ISO27001 at thirteen group was vital, not only does it provide additional reassurance to our colleagues and customers that we take information security seriously, but it was also integral to helping us retain some important contracts and provide a solid base for new business opportunities. As we had an ambitious timeline to achieving this accreditation (6 months) we knew that we needed expert guidance, this is where Quadra were invited to help provide that consultancy after a competitive tender exercise. We had the pleasure of working with Mark throughout the project, Mark provided us with a comprehensive GAP analysis and action plan to achieving the 114 controls, with this guidance we were successful in obtaining the accreditation standard, without Mark & Quadra we would not have been able to achieve this in such a short amount of time.” Hassan Bahrani. Thirteen Group.

Need more information?

For further information on Information Security management system implementation or to arrange a call, contact us.

Telephone: +44 28 9042 3222 / 01 832 1493

Email: [email protected]

MedAll achieve ISO 27001 certification

MedAll Limited is a Northern Ireland based HealthTech organisation which has developed a cloud-hosted software platform which manages the career portfolio for Healthcare professionals, to monitor their professional development and through the platform, offers open access to both individuals and institutions seeking a more customised solution. Recognising how beneficial an ISO27001 certification could be to the business, Quadra were commissioned by MedAll to analyse their existing business processes and measure them against the requirements of ISO27001, the international standard for information security management systems, with the goal of achieving ISO27001 certification throughout the business.

Why ISO 27001?

MedAll recognised the massive benefits implementing ISO27001 could bring to the business in standardising operational processes throughout the business and setting a pathway for continuous improvement internally, through embedding the information security management system within MedAll. ISO27001 certification would give MedAll clients assurance that their data security was being taken seriously and that security controls were being independently audited and verified.

ISO 27001 does not only focus on Information Technology but focuses on every part of your organisation which is involved in processing information. Implementation means that your organisation will carry out a risk-based review of your current information security controls, identify the threats and vulnerabilities that may exist and build a management system to reduce or eliminate these threats or vulnerabilities.

The implementation process

MedAll recognised the massive benefits implementing ISO27001 could bring to the business in standardising operational processes throughout the business and setting a pathway for continuous improvement internally, through embedding the information security management system within MedAll. ISO27001 certification would give MedAll clients assurance that their data security was being taken seriously and that security controls were being independently audited and verified.

What did Quadra do?

Quadra met with MedAll to understand the business unit operations, gather information, and access the existing information security processes against the requirements of ISO27001. A risk assessment was conducted after this review to identify key information assets and potential threats and vulnerabilities to these assets. A risk treatment plan was then conducted to address any threats and vulnerabilities identified through the risk assessment process. Quadra created a Statement of Applicability dealing with the controls deemed to be applicable in line with ISO27001, develop information security policy and procedures, and implement the information security management system to the requirements of ISO27001. Following guidance on an implementation period, Quadra carried out a full internal audit of the system to assess and ensure readiness for certification and facilitated a review in assessing the system prior to external audit.

What was the outcome?

Following the two stages of external audit, MedAll were recommended for ISO27001 certification first time and were extremely happy with the outcome. This achievement was of huge importance to all involved in standardising information security management processes throughout their innovative business, at an internationally recognised level.

Need more information?

For further information or to arrange a waste management review of your organisation please contact us.

tel: +44 28 9042 3222 / +35318321493

Email: [email protected]

Join our mailing list

sign up to our mailing list for latest training news and updates

Please select all the ways you would like to hear from Quadra Ltd:

Please select all the ways you would like to hear from Quadra Ltd:

Belfast
Quadra Ltd
14-16 Shore Road
Holywood, Co. Down
Northern Ireland, BT18 9HX
t: +44 28 9042 3222
e: [email protected]
Dublin
Quadra Ireland Ltd
20B Beckett Way
Park West Business Park
Dublin 12.
t: +3531 832 1493
e: [email protected]
Certifications
BSi Affiliate
NQA Associate Consultant

Quadra is a world leader in management systems consultancy and training specialising in ISO Standards and Compliance.

Quadra Ltd
14-16 Shore Road
Holywood, Co. Down
Northern Ireland, BT18 9HX
t: +44 28 9042 3222
e: [email protected]
Quadra Ireland Ltd
20B Beckett Way
Park West Business Park
Dublin 12.
t: +3531 832 1493
e: [email protected]

SGS Certification

NQA Associate Consultant

©Quadra Consulting. All Rights Reserved.

Divider

Disclaimer

Divider

Privacy Statement & Cookie Policy

Divider

Facebook Youtube Twitter Linkedin