Last Updated on:
Smart Working, a prominent name in IT Staff Augmentation, is pleased to announce its achievement of the ISO/IEC 27001:2022 certification, the globally acknowledged standard for information security management systems (ISMS). Officially certified on 16 October 2024, this accomplishment underlines the company’s dedication to protecting sensitive data and strengthening its security framework.
The journey towards certification commenced in April 2024, led by Uma Sharma, General Manager (Head India Operations), and Julian Rowse, Founder of Smart Working, who identified the need to enhance the company’s data security protocols. Recognising the critical role of stringent data protection, they set the ambitious goal of achieving ISO certification within six months to bolster internal systems and build greater client trust.
“Becoming ISO/IEC 27001:2022 certified was not just about gaining a credential,” noted Uma Sharma. “It was about evolving as an organisation and reinforcing our capacity to protect sensitive information while positioning ourselves to attract new business.”
To support this transformation, Smart Working collaborated with Coral eSecure, a consultancy with expertise in ISMS, to conduct a comprehensive gap analysis of existing security protocols. This collaboration entailed an in-depth review of risks, threats, and vulnerabilities throughout the organisation, with targeted measures designed to address identified security gaps.
The certification initiative was a collective effort guided by department heads, and an internal ISO forum was formed to monitor progress. Regular meetings engaged all levels of the organisation, from senior leadership to department managers, ensuring rigorous policy alignment with ISO’s stringent requirements over a three-month period.
“Implementation was the most challenging part,” Uma Sharma commented. “Ensuring all team members, especially department heads, fully understood and adopted the new policies was crucial. We introduced cutting-edge tools like Manage Engine, encrypted hard disks, and disabled USB ports as part of our IT security milestones.”
By early August 2024, Smart Working undertook an internal audit with Coral eSecure, which offered feedback on areas requiring attention. These areas were promptly addressed to prepare for the final certification audits.
The Stage 1 audit, conducted by SGS in late September, confirmed the company’s preparedness. Following a rigorous four-day Stage 2 audit in early October, Smart Working was awarded the certification.
“This achievement reflects every team member’s dedication and hard work,” added Julian. “It is a validation of our focus on continuous improvement and delivering secure, reliable services to our clients.”
ISO/IEC 27001:2022 certification affirms Smart Working’s commitment to adhering to the highest standards of information security and compliance. This accreditation will strengthen client relationships and open doors to new partnerships through secure, trusted services.
This certification enhances our ability to safeguard client data, ensuring their information is managed with the highest security standards. Clients can trust that we are fully equipped to protect their data and deliver secure, reliable services.