Smart Working, a leader in IT Staff Augmentation, proudly announces its attainment of the ISO/IEC 27001:2022 certification, an esteemed international standard for information security management systems (ISMS). Certified on 16 October 2024, this achievement underscores Smart Working’s dedication to robust data security and enhanced protection protocols.
The process towards certification began in April 2024, spearheaded by Uma Sharma, General Manager (Head India Operations), and Julian Rowse, Founder of Smart Working. Together, they identified the importance of elevating the company’s data protection practices. With a view to fortifying internal security and building deeper client trust, the leadership set a six-month timeline to achieve ISO certification.
“Becoming ISO/IEC 27001:2022 certified was not just about gaining a credential,” said Uma Sharma. “It was about evolving as an organisation and reinforcing our capacity to protect sensitive information while positioning ourselves to attract new business.”
To lead this transformation, Smart Working joined forces with Coral eSecure, a consultancy specialising in ISMS, to conduct an extensive gap analysis of the company’s security framework. This partnership involved evaluating risks, threats, and vulnerabilities across all departments, establishing strategic approaches to mitigate identified risks.
The certification process was a collective effort directed by department heads, supported by an internal ISO forum to track progress. Regular meetings included input from executives and department leaders, ensuring all policies were meticulously aligned with ISO standards over a three-month period.
“Implementation was the most challenging part,” noted Uma Sharma. “Ensuring all team members, especially department heads, fully understood and adopted the new policies was crucial. We introduced cutting-edge tools like Manage Engine, encrypted hard disks, and disabled USB ports as part of our IT security milestones.”
In early August 2024, Smart Working conducted an internal audit with Coral eSecure, obtaining feedback on areas that required improvement. The team rapidly addressed these areas in preparation for the certification audits.
The Stage 1 audit, completed by SGS in late September, confirmed Smart Working’s readiness. Following a four-day Stage 2 audit in early October, the company received its certification.
“This achievement reflects every team member’s dedication and hard work,” commented Julian. “It is a validation of our focus on continuous improvement and delivering secure, reliable services to our clients.”
Achieving ISO/IEC 27001:2022 certification highlights Smart Working’s commitment to the highest standards in information security and compliance, furthering its capacity to foster trusted client relationships and attract new partnerships through secure, reliable services.
This certification enhances our ability to safeguard client data, ensuring their information is managed with the highest security standards. Clients can trust that we are fully equipped to protect their data and deliver secure, reliable services.