FinTrU, the Belfast-based provider of financial services and associated support functions to some of the world’s largest investment banks, have been successful in achieving certification to ISO 27001:2013, the highest level of internationally-recognised Information Security standard for organisations. Quadra were delighted to have been commissioned by FinTrU to assist them in the implementation of their Information Security Management System, which has been rigorously tested against the requirements of ISO 27001:2013 standard.
ISO 27001:2013 outlines the requirements for establishing a framework to manage and safeguard the confidentiality, integrity and availability of data based in an organisation. By undertaking the implementation and subsequent certification to ISO 27001:2013, FinTrU’s intention was to further embolden their position as one of the world’s leading providers of the highest quality resourcing solutions for legal, risk and compliance consultancy.
Maintaining and elevating their customers trust and credibility in FinTrU was of paramount importance and this certification helps establish this. Certification to the standard provides FinTrU’s customers with confidence in their services and assurance that there are robust controls in place which will help maintain and continuously improve the relationship and integrity of information between the organisations.
In order to assist in FinTrU achieve certification in the most seamless way, Quadra were responsible for implementing the following approach;
- A review FinTrU’s existing policies and processes.
- Gap analysis delivery of existing policies vs ISO27001 requirements.
- Creation of the Statement of Applicability.
- Support in the creation of the supporting polices and processes for the Information Security Management System.
- Support to FinTrU during the implementation.
- Performing Internal Audits prior to certification.
- Training FinTrU staff in ISO27001 Internal Audit processes.
By achieving ISO 27001:2013, FinTrU have established a robust, secure management system for their customers by putting measures in place to protect data and mitigate risk, and have shown the world they are committed to the highest levels of information security on a continuous basis.