EMR achieves ISO27001 accreditation and affirms its commitment to security best practice
EMR Integrated Solutions today announced it has achieved ISO27001 accreditation, a prestigious award and globally recognised standard for managing security risk.
ISO27001 is an industry-wide security standard developed to provide a model for establishing and maintaining an information security management system (ISMS) and recognises EMR’s corporate commitment to implementing security best practice in all aspects of its operations.
The award marks yet another major milestone in the company’s strategic efforts to position itself as a leading professional services provider and network integrator to the water, power and renewable energy sectors in Ireland and the UK.
Commenting on the award, Derek Glynn, chief operations officer said:
“ISO27001 certification demonstrates that EMR has adopted a framework of security best practices and this certification confirms our ongoing commitment to the security, confidentiality and high availability of our services.
“It is important to understand this isn’t a ‘one-off’ audit, but an ongoing process of continuous improvement underpinned by the security policies and procedures contained in EMR’s ISMS,” he said.
The project was spearheaded by Sean Hughes, network security engineer with EMR and successful accreditation followed a two-year process during which Sean led several phases of work. This included planning and initiation, the establishment of a project team, defining the ISMS scope, identifying gap analysis and security risk assessments followed by ISMS policy and procedure development and implementation of controls.
“EMR sees the adoption of ISO27001 as a mechanism to protect EMR and our client information in a systematic and cost-effective way. It ensures confidentiality, integrity and availability,” said Sean Hughes.
“ISO27001 will provide a distinct market advantage, enabling us to tender for new business as it’s now becoming mandatory just like ISO9001, 45001 and 14001. It means we are more competitive and one of a select number of suppliers that make it to the tendering stage. That gives us an edge,” he said.
The ISO27001 audit was completed in September 2021 and covered the organisation, leadership and planning, internal processes, evaluating the performance of EMR’s ISMS and verifying that all controls were in place with demonstrative evidence from the ISO27001 project team.
EMR also obtained additional security accreditations throughout the ISMS implementation process such as Cyber Essential Plus, a certification indicating to stakeholders its proactive stance against malicious cyber attacks. This additional certification bolsters the implementation of our ISMS policies and procedures under the ISO27001 banner.
Pictured above is Derek Glynn, COO, EMR