Because we conduct professional pre-employment screening services we focus specifically on compliance with the Data Protection Act, the management and control of confidential materials and we support the crack down on misuse of personal information. All of this means that frameworks like the ISO27001 Information Security Management System standard are useful compliance overview tools. ISO27001 is internationally recognised as an externally audited reassurance for organisations that want to demonstrate the care they take of personal information.
Agenda’s latest external audit by the British Standards Institute stated that “The objective of the assessment was to determine the effectiveness of the management system against the requirements of ISO27001:2005 and the clients assets, risks, policies, procedures, targets and objectives.”
Handling individuals personal information through the recruitment and screening processes means that Agenda has to be vigilant and build in compliance practices into everyday processes. Agenda has gone further and reviewed its compliance against the requirements and the ISO25999 business continuity standard to ensure that all bases are covered in the ISO27001 scope. The auditor reported that “No nonconformities were identified during the assessment.” The auditor went on to say “Audit records were sampled and were seen to be risk based and included both management system elements and controls. Records showed the areas audited and details of findings along with conclusions.”
Richard Connelly who manages the screening division said “It is critical that Agenda manages information appropriately and where possible exceeds the minimum requirements stated. New and ongoing enhancements to our processes and network security systems will further enhance compliance and show our continued commitment to protecting our information and that of our clients and their candidates.”
The auditor finished by complimenting Agenda’s emphasis on legal compliance by stating “The legal compliance documentation in the management system was reviewed. A summary of all legislation deemed applicable is included along with detailed plans of how this legislation is applied to the operations of the business. The document was seen as a comprehensive solution.”
Norman Mortell, Director of Operations concluded by saying “Agenda’s successful ISO27001 audit closely follows the recent impressive external audits of our Investors in People and ISO9001 Quality management processes and provides reassurance to our clients but more importantly recognition of the hard work of all of our staff and our continued investment in systems that add value to our services.”
If you like to read a full copy of the audit report or find out more about our ISO27001 consultancy services contact info@agenda-security.co.uk or ring 08456 44 55 46.
