Foto
13May

Barry Bennett Ltd

Information Security Management Systems

The UK’s premier company supplying assistive technology and services to students in receipt of the Disabled Students Allowance since 1996. With offices and forward stock locations covering the whole of the UK, and an unrivalled team of full-time Installers and Trainers, they offer a comprehensive and professional service that is unrivalled in that industry.

Partners

Dr Chris Bamber, Mr Greg Paton and Mr Mick Mann of OLC acting as information security systems consultants to Barry Bennett Ltd, worked with senior staff in Bolton, UK to develop ISO 27001 Information Security Management Systems certification.

Barry Bennett Ltd is nationally recognised as the UK leader in providing assistive technologies to disabled students.

The Vision

To develop a system fully compliant with ISO 27001 and ensure that all operational activities at Barry Bennett Ltd are compliant to that standard and that information systems security is not compromised. An important facet of that requirement was to ensure that internal auditors were trained and that certification was achieved in record time. Implementing ISO 27001 through OLC consulting was a four stage process with 16 manageable parts; the benefits of which ensured that information security was embedded in all operational activities of the business:

The Process

Stage One: Start Up

  1. Purchase a copy of the standard
  2. Obtain management support
  3. Determine the scope of the ISMS
  4. Identify applicable legislation

Stage Two: Risk Assessments

  1. Define a method of risk assessment
  2. Create an inventory of information assets to protect
  3. Identify risks
  4. Assess the risks

Stage Three: Control Procedures

  1. Identify applicable objectives and controls
  2. Set up policy and procedures to control risks
  3. Allocate resources and train the staff
  4. Monitor the implementation of the ISMS

Stage Four: Certification Process

  1. Prepare for certification
  2. Preliminary visit (gap analysis)
  3. Initial certification visit
  4. On-going assessments

The Benefits

With information and data now the lifeblood of many Organisations, putting measures in place to protect such information from threats, breaches of security and theft is often essential for ensuring the longevity and reputation of your business.

ISO 27001 Certification with OLC as the consulting team not only protects your Organisation and customers by putting effective security controls in place, but it also demonstrates to stakeholders and customers that you have been independently assessed and verified.

The key benefits for Barry Bennett Ltd were that they had a compliant system of data management and security that was fully integrated within the business. A team of internal auditors were fully trained to be able to deliver an internal audit program that assessed not only information security but quality management and environmental management system elements too.