Our ISO 27001 Commitment.
EHS officially received their ISO 27001:2022 certification in August 2023. ISO 27001 is a leading international security standard that outlines the requirements for assembling and maintaining a solid information security management system (ISMS). EHS is one of the first health and safety training platforms to have achieved the Standard, and this achievement demonstrates EHS’s leadership in the sector and their dedication to digital security and sustainability.
EHS recognised the increasing scrutiny businesses are under to secure their data, and that there has never been a more important time to make sure data is properly protected, not just for their business’s sake, but for the safety of their employees, clients, third parties, customers and so on.
ISO 27001 certification also shows the commitment of EHS’s leadership to information security. One of the requirements of the Standard hinges on this top-down approach, requiring commitment and appropriate resourcing from the leadership team. This leadership involvement gives EHS operational integrity: a clear understanding from top management of what is required for gaining certification shows the organisation's commitment to information security.
Gaining ISO certification consists of a rigorous audit process, requiring organisations to conduct their own internal audits as well as to satisfy an external audit. For the external audit, an organisation must employ an external certifying body to audit it against the Standard and confirm compliance with its requirements.
The certification goes hand in hand with our Electronic Permit to Work (EPTW) system and the other products we offer, which gives our clients confidence in our information security commitment.
The external audit also looks for evidence of continual improvement, thus certification proves EHS’s commitment to continual improvement and ensuring they’re up to date on all fronts (security, GDPR, data handling…).
So, what does this mean practically?
For EHS itself, it means they’ve built a system of policies and procedures that enable them to protect the data they handle within the work that they do. The certification shows that EHS are enforcing these policies and procedures, and therefore are protecting their own data and complying with GDPR. It shows their care for their staff, their payroll, their passwords, so on and so forth.
For EHS clients, it means that they can rest assured knowing that EHS Global Tech is handling their clients’ data with the utmost care, using the aforementioned prescribed processes for data protection and handling. You are also able to rest assured in the fact that EHS are striving to be the most secure front runners in the health and safety space; they are working tirelessly to ensure the protection of not only their own data, but that of their clients.
Unusually for such a demanding Standard, EHS gained certification to ISO 27001:2022 with no findings at the external audit, thanks largely to the support and help of ADL Consulting. “We were relieved to find ADL Consulting right at the start of our implementation journey,” said Rick Cox, Managing Director of EHS Global Tech. “ADL helped us to quickly understand what the Standard required and helped us to identify what we already had in place.”
From start to finish, the implementation of EHS’s ISMS took 6 months. “ADL really knew their stuff,” said Rick. “They helped to accelerate our meeting of the Standard’s requirements and, most importantly, helped us to build a really efficient system. As a result, our system makes sense for us, it’s easy to maintain, and is baked into our Business As Usual operational activities.”
Information Security at the highest level.