ISO27001 sets out the requirements for establishing, implementing, maintaining and continually improving an information security management system. The information security management system in place at JTOL preserves the confidentiality, integrity and availability of information by applying a risk management process and gives confidence to interested parties that risks are adequately managed. We know that information security is important to our customers and by implementing the standard it reinforces our desire to make working with them as streamlined as possible.
JTOL achieved Cyber Essentials Plus certification, the higher level qualification forming part of the UK Government-backed Cyber Essentials Scheme. A third party hands-on technical verification was conducted to ensure JTOL fully met the requirements of five basic control areas (access control, secure configuration, software updates, malware protection and firewalls and routers). This technical assessment was conducted by the certification body URM Consulting Services and involved a vulnerability scan on in-scope devices.
URM’s assessor commented that, ‘JTOL was well prepared during the certification process and had implemented all the required controls, indicating that the organisation takes its cyber security seriously’.