ISO 27001 Certification

Energetiq is proud to announce that we are now certified as meeting the ISO/IEC 27001:2013 Information Security Management System standard.

Energetiq has a strong history of innovation, having moved customers into our AWS cloud since 2013. Whilst doing so, we’ve always understood the importance of maintaining the security and availability of our systems.

However security approaches, threats, concerns and capabilities change over time. As does the value of the information we protect. What was a single system, single customer in 2013 is now the defacto industry standard. And we’re rapidly closing on triple digits for the services we run. Toto, I’ve a feeling we’re not in Kansas anymore.

It was time.

At the start of 2020 Energetiq set a formal, company wide goal to be certified for ISO 27001 by the end of September. Some key stats:

  1. Three JIRA projects
  2. Twenty five policies
  3. Fifty two meetings
  4. One Hundred and Eighty-Four individual commits to those policies
  5. One external audit.

The certification process requires discipline and insight – but so does making great code. Or making new products. Or hunting defects in a UAT. Or keeping production environments both healthy, secure and available. With the entire Energetiq team applying that insight and discipline, we met our goal on time, first time.

But the goal isn’t just to achieve ‘tick in the box’ certification. That’s an external recognition of value – but it is of secondary value. The primary goal is to develop living policies and processes that we embed into our people, into our delivery, into our services.

We have a clear and ongoing mandate as a company to maintain a responsible, risk aware, and effective information security capability, both on behalf of our customers, and ourselves. And it is a journey, not a destination.

The ISO 27001 certification demonstrates our full and ongoing commitment to that journey.