07 July 2009
Benefits Ltd has become the UK’s first employee benefits provider to be
accredited by BSi to ISO EN 27001 the internationally recognised
standard for Information Security Management.
accreditation means that Asperity’s Information Security Management
System has been assessed to be compliant with the standard, which
ensures that companies understand and classify the data that they hold
on individuals and the risks and threats associated with that data. The
standard ensures that risks are managed through process and technology.
announcement was warmly welcomed by Michael Whitfield of Thomsons
Online Benefits, one of Asperity’s industry partners: “We think it’s
brilliant that Asperity has achieved the ISO 27001 accreditation which
will drive up standards in the VB sector. As we are in the final
process towards receiving this accreditation ourselves, we are fully
aware of how much hard work goes into it and the benefits it brings to
both the business and to clients. It will prove to be a significant
factor in provider selection for clients in the future”.
MD, Glenn Elliott, confirmed that he thought that the protection of
data was his company’s ‘single highest priority’. Less than 6,000
organisations worldwide have achieved the accreditation, surprisingly
low given the focus in recent months on safeguarding personal details,
and high profile lapses.
Asperity spent over a year
preparing for accreditation, and leads the industry in recognising the
importance to clients of a provider who fully understands information
security. Glenn said: “3 years ago, we rarely received an enquiry from
a client about data security. Now, it is routine, and formal
accreditation helps clients to understand how seriously we take it. We
are of course delighted to have our system recognised.”
providers control personal data on millions of employees and the
industry was shaken recently when Childcare Voucher provider Busy Bees
had to take their service offline following a major security incident.
Asperity is setting a trend as well as a standard with its ISO
certification and a number of other providers are expected to follow