QMUK ISO 9001 logo  
enquiries     email

0800 032 9001

ISO 9001 / 14001 Presentation Steps to ISO 14001 Certification
border
ISO HomeISO Home NewNew ISO ServicesISO Services Contact usContact us ISO, SIA & UKAS LinksISO & UKAS Links

QMuk.co.uk
Site Map

 ISO 27001:2005
Information Security

9001:2008
14001:2004
OHSAS 18001
Cost
FAQs

our enquiry form
e-mail

UKAS - UK Assessment Service
ISO - International Organization for Standardization

ISO 27001:2005 Certification/Registration

Our systems help you manage & protect both your own & your customer’s data.

In an ever increasing age of security awareness & media exposure of careless information handling, the protection of data is critical. Sectors such as finance, health, public and IT have become particularly sensitive. Hence, certification to the standard is increasingly winning both confidence & new contracts: -

- Security Policy

Top Management must define a policy that is appropriate to control its Information Assets & evaluated risks.

- Statement of Applicability

The company must fully review the requirements of the 27001 standard. It should then complete a “Statement of Applicability” identifying the controls necessary to address each clause as applicable.

- Risk Evaluation

The company must define a risk assessment methodology for Information Security (IS) risks.

Identify criteria for accepting risks and identify the acceptable levels of risk.

Develop a Risk Treatment Plan to bring all identified risks to an acceptable level.

  • Identify all assets of the company relating to information security and compile an Asset Register.
  • Identify combinations of threats and vulnerabilities relating to the asset (an IS Aspect), and then identify the impacts that losses of confidentiality, integrity and availability may have on the asset using an Asset Risk Assessment Report.
  • The impacts take into account the business, legal or contractual obligations that the company has.
  • The impact of the losses is given a monetary value using the guidance on the asset Risk Assessment Sheet.
  • The assessment then looks at the likelihood of the security failure occurring by a combination of the frequency of the threat and the likelihood of success.
  • A combination of the impact and likelihood of the security failure provides a level of the risk normally in three categories:

Low Risk No immediate action required although there may be improvements in processes/technology that reduce the impact of the security failure further.
High Risk Must be included in the Risk Treatment Plan for positive actions to reduce the risk
Medium Risk Must be included in the management review of the IMS with actions identified if required and inclusion in the Risk Treatment Plan

The Asset Risk Assessments are included in the IS Management Review, the meeting identifies a risk treatment plan for High and selected Medium Risks, identifying timescales, actions and responsibilities to complete.



back to top
QMuk Update

QM.UK
ISO 9001/9000/14000/14001

-

28th June 2010

The Salvation Army

We are pleased to announce that we are now commencing work with the Salvation Army, our joint aim to achieve
UKAS Approved
ISO 9001:2008 status for –
Homlessness Services

(click on logo below to find out more)

The Salvation Army Lifehouse

For several years The Salvation Army has been refocusing its services for homeless people based on principles set by their founder William Booth. Since 1865, The Salvation Army has looked at helping the whole person and not just their problems.

also

(click on logo below to find out more)

Employment Plus, work for all  

The Salvation Army, in keeping with its God-given mission of practical concern for the needs of humanity, has committed itself to engage fully in the provision of Employment Services as a further contribution towards achieving a more inclusive society and tackling poverty through better access to employment.

If you wish to make a donation to a social effort within the UK, Just click on the logo below

The Salvation Army Summer Appeal

-

Environmental impact is becoming an increasingly important issue across the globe, with awareness ever growing Commercial, Consumer & Social pressures are also building up on businesses.
As a result, the advantage of being able to demonstrate a commitment to minimising the impact of your activities on the environment through
ISO 14001 Registration
is rapidly escalating.

Any office-orientated company
embarking on a 9001
registration programme with us
will receive our 14001 consultation
(resulting in simultaneous registration)

free of charge

(For all other organizations the add-on fees are capped at 50%)

With genuine commitment UKAS ISO 14001 Registration can be achieved in 30 days

-

We are now actively gaining
ISO 27001 Certification
for our customers

Information Security
Management Systems

Our systems help you manage & protect both your own & your customers data.

In an ever increasing age of security awareness & media exposure of careless information handling, the protection of data is critical. Sectors such as finance, health, public and IT have become particularly sensitive. Hence, certification to the standard is increasingly winning both confidence & new contracts.

-

Consultants Required
ISO 9001, 14001, 27001 &
OHSAS 18001

please submit details to:
vacancies@qmuk.co.uk


Call for free!

0800
032
 9001

QM.UK
Systems + Simplicity


QM.UK use UKAS Accredited Certification Bodies only. Companies who do not deploy UKAS Accredited Bodies or offer Certification within weeks, normally certify their own systems. This can be considered as credible as a driving instructor issuing his own driving licences - further information

grey line

Contact details



Freephone 0800 032 9001

e-mail: enquiries@qmuk.co.uk

London, Poole, Bath, Birmingham, Cardiff, Liverpool, Glasgow - England, Scotland & Wales.............. Full National Coverage.

International Enquiries:
00 44 1202 739631
Successfully operating in Dubai, Germany & France....




Registered Office:



1 Gleneagles Avenue
Poole
BH14 9LJ