Information security is vital to Lyons Davidson, because information is the lifeblood of Lyons Davidson. We receive, process and output large volumes of information that is commercially, professionally or personally sensitive. Therefore, we recognise that we have a legal, professional and moral responsibility to protect that information from unauthorised or accidental modification, loss, leakage and theft.
Following on from our success in obtaining the ISO 14001 certification, we went on to gain ISO 27001 certification. This standard covers information security and puts in place the procedures required to demonstrate that the information we hold remains confidential, accurate and available to the appropriate users. The security of our data is an essential part of our business. We were increasingly being called upon by major clients to demonstrate how we deal with this issue, and ISO 27001 certification was an important step in terms of our commitment to providing a quality service to our clients and business partners by reassuring them that information security is taken seriously within the company, and in terms of having recognised processes in place to deal with information security threats and issues.
We have held ISO 27001 certification since 2008 and the scope of our Information Security Policy encompasses all Lyons Davidson offices and services.
ISO 27001 requires us to deal with all issues that impact on information we receive, hold or send in a certain way and to have a recognised policy and set of documented procedures governing this. We now have these policies and procedures in place, covering most aspects of our business, including:
- IT policies and applications
- Physical premises security
- Staff recruitment
- Financial data and accounts
By gaining ISO 27001 certification we have again shown ourselves to be innovators and market leaders. This will give you confidence that the information you provide us with will be safe and secure.