Zen has now integrated the two standards, making information security a key element of its business processes rather than a separate requirement.
ISO 9001:2008 provides a framework for managing and improving business processes, with particular emphasis on how these provide customer service and customer satisfaction. It sets out criteria for a process-led quality management system that puts the customer first, while ensuring a commitment to continual improvement.
ISO 27001:2013 encourages robust risk-management practices and a proper framework for information security, so that companies can do the best possible job of protecting customer and employee data. It not only helps organisations like Zen minimise the risks, but gives them tools to manage and learn from incidents, so that information security remains paramount at all times.
‘Continual improvement has always been a key part of Zen’s philosophy’ says Matt Kay, Finance Director at Zen. ‘As with our commitment to customer service, our quality standards set us apart from competitors. These re-certifications don’t just validate that Zen is working effectively but fundamentally help us shape a roadmap of ongoing improvements. True, the auditing process can be stressful, but we see it as a chance to further improve the way we work based on external scrutiny & assessment. For us, it’s about a commitment to excellence in all we do.’