Why ISO 27001 isn’t just for IT Managers

18 Oct, 2019

If you were going to cut costs in your business, would you just ask the Finance Manager to achieve it on their own or would you expect everyone to play their part – from the person buying stationery to your 20-strong team on the road?

Sure, the Finance Manager may lead on it, but, to succeed, it has to be a team effort.

So, how is it possible to expect an IT Manager to keep all your data and systems safe without having input from anyone else?

It really isn’t. Especially when a lot of the risk comes from an area your IT Manager has limited control over – the rest of your staff!

Of course, he/she can lock down the tech as much as possible, but it’s still not possible to iron out user error. Other precautions have to be taken to achieve this, like providing training, conducting audits and ensuring that all staff have a good level of understanding so they can spot a phishing attempt a mile off and don’t open your network up to malware.

To be successful, a shift in thinking and behaviour is needed across the organisation. So, just as a programme to cut expenses will have more success when led by the Sales Manager, whose team will no doubt be racking up rather large expenses otherwise, we’re finding that some other roles are actually as well placed as the IT Manager – if not better – to drive through ISO 27001.

That’s why we’ve made sure that our ISO 27001 training doesn’t demand technical knowledge.

Don’t believe us? Take our free Intro to ISO 27001 online training and judge for yourself.

If not the IT Manager, then who?

Cyber and information security are strategic issues which affect the long-term viability of your organisation. The ideal candidate will have the following attributes:

  • The ability to think strategically – they’ll understand your organisation’s long-term objectives and the steps needed to achieve success
  • Experience in identifying risks and evaluating their severity and likelihood
  • An understanding of how to best train staff and secure their engagement
  • A willingness to work collaboratively with different functions

In our experience, these attributes are commonly found in Operations Managers and Office Managers, especially those who have prior experience of implementing ISO management standards, like ISO 9001.

ISO Quality Services Ltd are proud to specialise in the implementation and certification of the internationally recognised ISO and BS EN Management Standards.

Do you want to get ahead of your competition? Win more tenders or save time and money on reoccurring issues? Contact us today on 0330 058 5551 or email info@isoqsltd.com.

Alternatively, you can request a quote by filling out our enquiry form and a member of our team will be in touch shortly.