ISO Quality Services – March 2014 Newsletter!
19 Mar, 2014
Welcome to the March edition of our newsletter, where the sun has shone, we have celebrated St Patrick’s Day and the Daffodils are well on their way!
Futura Design Limited
Founded in 1987 by David Abel and his business partner Graham Astbury, Futura’s approach has always been to combine high quality design expertise with a personable and friendly touch.
Early on, Futura established itself as the sole distributor of styling clay to the automotive design industry in the West Midlands. At this juncture a customer base was developed with clients such as Jaguar, Land Rover and Bentley. Here, requests for clay scale models grew due to the founders’ backgrounds as highly reputable clay modellers.
To date, they have 3 separate design studios, a work shop, paint booths, and trimming office. This enables them to house their expanding divisions and marks the start of the next generation for the Futura Group for their long term future.
They have recently achieved their ISO 9001:2008 Quality and ISO 27001:2005 Information Security Management Standard.
With over 20 years in the field of Recruitment and Contracting, they recruit contract and permanent staff for automotive manufacturers and design studios worldwide and have an array of nationalities working for them, including but not limited to Chinese, Japanese, Australian, American, Brazilian, Indian, and numerous citizens of different European countries.
Their database of over 5,000 design professionals gives them confidence that Futura are best equipped to solve any of your requirements or needs, from a temporary to permanent basis, involving just one or a whole team of personnel either on or off site.
They have recently achieved their ISO 9001:2008 Quality Management Standard.
“Recruitment Manager of Futura Recruitment, Daniel Abel (left), our Senior Lead Assessor Peter O’Neill (centre) and Paul Cadman, Operations Director of Futura Design Ltd (right) being presented with their certificates. Futura Design Ltd were certificated to the ISO 9001 Quality and ISO 27001 Information Security Management Standards and Futura Recruitment to the ISO 9001 Management Standard.”
Compuserve Limited T/A Compuserve IT Services
Compuserve IT Services was founded in 1975 and is based in the West Midlands.
They are our first client to achieve the ISO 27001:2013 Information Security Management Standard.
The company provides an excellent range of IT services to help support the growth of businesses. They concentrate on driving IT services into small businesses throughout the UK & Ireland. Their aim is to transform and maintain an organisation’s IT infrastructure with benefits beyond that provided by a typical it company.
They specialise in managed IT services whether by remotely controlling an entire network, or if the organisation outsources its complex systems, they can provide a flexible approach to managing your systems. For more information on the company, please contact them via their website or calling them on 0845 839 9306
“Senior Lead Assessor, Colin Watkins (left), presenting Compuserve Limited t/a Compuserve IT Services Office Manager, Andy Millward (right), with their ISO 27001:2013 Information Security Management Certificate.
Nexus Vehicle Management Limited
Nexus Vehicle Management Limited are based in Leeds. They have been presented with their ISO 9001:2008 Quality Management Standard.
Nexus is the leading provider of corporate vehicle rental in the UK. They are the only provider that can offer you any vehicle, anytime, anywhere. They also provide fleet and rental management solutions, allowing you to focus on what matters to your business.
Their unique range of hassle free services are unmatched by any other vehicle rental provider. For more information on the company and how they can be of service to you, visit their website, call them on 0871 984 1940 or email.
Active Energy Funding Limited
Active Energy Funding Limited is based in Bury ST. Edmunds, Suffolk and were founded in 2012.
Active Energy Funding Ltd work at the forefront of Carbon Delivery, procuring Energy Efficiency grant funding for a range of clients, including Local Authorities, Housing Associations, Private Landlords Installers, businesses and individual homeowners.
We believe that from a money saving standpoint (not necessarily certification) it is worthwhile having a member of staff who is environmentally aware within the business.
Someone that can champion being environmentally friendly with even small gestures such as: getting staff to turn off the lights in the office can save pounds.
Have you ever asked yourself following questions?
- How to identify areas where cost savings can be made
- The role of an Environmental Manager
- How to identify the aspects and measure the impact of these aspects
- How to set environmental objectives
One of our clients found that by being environmentally aware they halved their water consumption and saved a considerable amount of money within a year.
We are holding a ‘one day’ Environmental Manager Training Course on Wednesday 30th April 2014 that will help you answer the above questions.
The course will be held at our Head Office in Worcester. To attend this course you do not need to be looking at the environmental standard or even be currently certified. For more information on the course, please call us on 01905 670303 or email
The cost of this course:
Per Delegate £295.00 plus VAT
Per Delegate £195.00 plus VAT (Booking more than 1 place)
HSE researchers were in a fast food outlet observing activities in connection with slips and trips.
Taking measurements using the pendulum
A customer bought food and drink but spilled some of their coffee on the way to sit down. The spillage was small, about the size of a fifty pence piece.
The fast food company was aware of the risk of slipping from liquids or food spilled on their smooth floors and, almost immediately, a member of staff came to deal with the problem.
They mopped up the spillage (and also the surrounding area because it looked dirty), squeezed out the mop and went over the whole area again, leaving an area of approximately 2 square metres ‘mop dry’.
The researchers took measurements on the ‘mop dry’ area using pendulum and surface micro roughness techniques, and also timed how long it took to dry completely.
The 2 square metres of mopped floor, now almost indistinguishable in appearance from the rest of the floor, took approximately 7 minutes to dry and measurements showed that the area was extremely slippery during that time.
Research has shown that many slips are caused by a sudden change in floor surface characteristics. In this case, for the 7 minutes until the floor dried completely, it would be difficult for customers and staff to realise they were walking from a safe to an unsafe surface.
The company, who had a good awareness of slips and trips risks and an efficient system for identifying spillages had, in fact, increased the risk of slipping because of the method of cleaning used in this instance. Simply cleaning up this spillage and drying the small area of floor with a paper towel would have been far better.
The fast food company are considering a change to their spillage and general cleaning procedures.
A study has revealed that more than 300,000 internal security breaches took place in UK businesses over the past 12 months – an average of 1,190 per working day.
The study, which polled 250 IT decision-makers, showed that 32% of businesses with more than 500 employees had internal security breaches in the past year.
In addition, 42% of respondents said ignorant users posed the greatest security risk to those in business, yet only a quarter of IT managers consider insider threats to be a top security priority.
Respondents named viruses (67%), data loss (47%) and hacking (39%) as top concerns.
IT professionals are failing to look at their own internal structures seriously enough, the report said.
10 STEPS TO BEATING INSIDER THREATS
• Limit or prevent concurrent logins
• Limit working hours or maximum session time
• Limit users to their own computer or department
• Monitor user behaviour in real time
• Identify and respond to suspicious behaviour
• Revoke user credentials when employees leave
• Implement a security policy on network access
• Clearly document policies
• Continually remind users of the policy
• Work with other departments to manage network access
Network management under par
The report also highlighted confusion around network management capabilities, with 69% of respondents under the misapprehension that Microsoft Active Directory enables the management of concurrent logins.
“Active Directory provides basic user security, checking that credentials supplied match stored user profiles and then opening up access to resources,”
“Authenticating those credentials is another matter; for this, organisations need to turn to stronger authentication techniques to ensure a user really is who they say they are,” he said
The report stated that while Active Directory provides basic security, it is important to build on that with real-time monitoring and further restrictions to what users can do once authenticated.
Chief executive of IS Decisions, said it is natural to see external sources as the greatest threat.
“That coupled with the fact that insider threat is a complex issue to manage has led to IT professionals seemingly turning a blind eye to the issue,”
Addressing internal security weaknesses
The research findings and the impact of leaks show clearly that internal security should be higher up the IT agenda.
“The reality is that it is a considerable problem, but the good news is there is a lot that IT departments can do to mitigate the risks. It is a technology issue as well as a cultural one, and can be addressed from both of these angles,”
The day-to-day internal security threat faced by most organisations is not due to malicious behaviour.
“The insider threat is most likely to be down to the misuse and poor use of IT, which in turn is often caused by inadequate policies and practices,” he said.
A good example of this is the sharing of usernames and passwords, which exacerbates the problem because issues arising cannot be associated with individual users.
The research found that IT managers believe that around 19% of users are sharing passwords within their organisation.
“Many aspects of the insider threat can be mitigated with investment in tools that monitor and, to a certain extent, control users, for their own benefit and for that of the organisation they work for,”
The report recommended that businesses implement a security policy that addresses both internal and external threats.
Organisations should be transparent about what risks the policy is mitigating. They should also ensure the policy is clearly documented and accessible, and that users are consistently reminded of its stipulations, the report said.
For more information, please visit their website.
ISO news, training updates and offers, meet the ISO QSL team and connect with other like-minded individuals.
If you haven’t joined already – what are you waiting for?
Are you a client of ours? Visit us at: ISO QSL LinkedIn Company page
Why not refer a friend?
Recommend a company you know who would benefit from our services and receive a free case of wine or a £50 Marks & Spencer’s Voucher…..the choice is yours!
(To qualify for this you must refer a successful lead).
To offer your referrals please contact – firstname.lastname@example.org or call 01905 670 303
ISO Quality Services Ltd are proud to specialise in the implementation and certification of the Internationally recognised ISO and BS EN Management Standards.
Do you want to get ahead of your competition? Win more tenders or save time and money on reoccurring issues? Contact us today on 0330 058 5551 or email email@example.com.
Alternatively, you can request a quote by filling out our enquiry form and a member of our team will be in touch shortly.