Alliantist achieves ISO 27001 and steps closer to release of its IL3 restricted platform

Alliantist is proud to announce it has achieved the coveted UKAS approved ISO 27001 accreditation for the organisation, our community interest subsidiary Achieve More CIC and crucially the pam cloud service that is in use across public service and private sector.  Key things about this achievement include:

Read Similar: Alliantist stands out with its successful migration to ISO 27001:2013 using pam

  • End to end assurance for a cloud service.  Other well known cloud providers rely only on the datacentre provider being accredited.  This is a major risk for the customer’s data if the controls in the application provider and its upstream network are less than adequate. With all the news lately about public sector data breaches, we recommend customers review their suppliers to ensure they have achieved ISO 27001 beyond the data centre.
  • It underpins the release of the government restricted pam service.  More to follow on this announcement but in simple terms we are now very well placed to introduce the complementary service to our current ‘protected’ pam service with a version that supports restricted IL3 data.  This is essential for many of our customers working with sensitive information and supports the government growth goals of working with cloud providers who are SME’s and have community interest at the centre of their work.
  • Fast achievement of the accreditation and efficient, effective Plan, Do, Check, Act (the model framework).  We were already mature with our controls, but by using pam to deliver the complete Information Security Management System (ISMS) it helped us deliver the solution much quicker and at lower total cost.  This is about to become a repeatable pam proposition for other organisations considering adopting ISO 27001 alongside 14001 and 9001 so contact us for tips if you are about to embark on ISO 27001.
  • Putting the ISMS at the heart of the business and building the organisation delivery model with the ISO requirements inside, not having the IS ‘tail’ wagging the business ‘dog’.  the Accreditors (ACS Registrars) commended us from that perspective and didn’t often come across organisations our size with leadership and staff so committed to the standard and invested in getting it right for our customers.

For more information see our summary on the security of pam or to learn more from any of the points above contact us now.

We won't share your details with anyone else.