We caught up recently with Offsite Servers, providers of hosted solutions and IT services across the UK, to find out how the plans they outlined in their ISO 9001/ISO 27001 video case study had come to fruition.

When filmed, the Offsite team were optimistic about how ISO 27001 would stand them in good stead when GDPR became law in May 2018 and they were thrilled with how their dual certifications were helping them to compete against much bigger competitors. Their plans for further certification centred around ISO 22301, the business continuity standard, with the belief that holding the three standards would make them almost unique in their industry.

So, three years on, where are they at?

Unlike within many businesses, there was no last minute kerfuffle and panic at Offsite Servers as the nation counted down to GDPR. Simon Bateman, Financial Director, comments: “many of the requirements of GDPR were already met by our well embedded ISO 27001 processes and procedures, this made the process smooth with few alterations to working practices”.

The company has remained extremely competitive, helped by the instant credibility its two ISO standards bring. Having already felt the advantages of ISO certification in terms of levelling the playing field during the tender process, the team decided to strengthen their tenders still further by seeking certification under the Government’s Cyber Essentials Scheme. In October 2018, Offsite Servers were certificated to Cyber Essentials Plus by IASME. Coincidentally, at the same time our team at ISO Quality Services was providing consultancy to IASME  (the formal Cyber Essentials accrediting body) to help them successfully achieve UKAS ISO 9001 accreditation (read their story here).

Simon comments, “A lot of businesses say they’re good and they go to great lengths to explain how they’re good but, the fact is, with ISO 27001 and ISO 9001, we can immediately prove we’re good. We knew that by adding Cyber Essentials to the mix, we’d really thin out our competitors.”

And what’s for the next three?

Whilst Offsite Servers have not yet achieved their ISO 22301 certification, this hasn’t been ruled out.  Obtaining a third certification would enhance their current system and put them in a unique place as far as an IT company goes.