Smart Working Achieves ISO/IEC 27001:2022 Certification, Strengthening Information Security and Client Trust

LONDON. UK. 30th October, 2024 - Smart Working, a leader in IT Staff Augmentation, is proud to announce its successful attainment of the ISO/IEC 27001:2022 certification, an internationally recognised information security management systems (ISMS) standard. This milestone, certified on October 16, 2024, demonstrates the company’s commitment to safeguarding sensitive data and enhancing security protocols.

The journey towards certification began in April 2024, when Uma Sharma, General Manager (Head India Operations), and Julian Rowse, Founder of Smart Working, initiated discussions about enhancing the company's information security measures. Recognising the importance of robust data protection, the leadership set the ambitious goal of achieving ISO certification within six months to both strengthen internal processes and build greater trust with clients.

Becoming ISO/IEC 27001:2022 certified was not just about gaining a credential," said Uma Sharma. "It was about evolving as an organisation and reinforcing our capacity to protect sensitive information while positioning ourselves to attract new business.

To guide this transformation, Smart Working partnered with Coral eSecure, an expert consultancy specialising in ISMS, to perform a thorough gap analysis of the company's existing protocols. This collaboration involved a comprehensive review of risks, threats, and vulnerabilities across all departments, with strategic measures developed to mitigate any identified risks.

The certification process was a team effort led by department heads, and an internal ISO forum was established to oversee progress. Regular meetings ensured all stakeholders, from the executive team to department managers, were involved. Policies were rigorously designed and tested over three months, strongly emphasising aligning each department with ISO’s stringent standards.

Implementation was the most challenging part,” Uma Sharma noted. “Ensuring all team members, especially department heads, fully understood and adopted the new policies was crucial. We introduced cutting-edge tools like Manage Engine, encrypted hard disks, and disabled USB ports as part of our IT security milestones.

By early August 2024, the company conducted an internal audit with Coral eSecure, receiving feedback on areas that needed improvement. The team swiftly addressed these points to prepare for the official certification audits. 

Stage 1, completed by SGS in late September, confirmed the company’s readiness. Smart Working emerged fully certified after a rigorous Stage 2 audit spanning four days in early October.

This achievement reflects every team member's dedication and hard work,” Julian added. “It is a validation of our focus on continuous improvement and delivering secure, reliable services to our clients.

The ISO/IEC 27001:2022 certification affirms Smart Working’s commitment to maintaining the highest information security and compliance level. This certification will further enable the company to solidify relationships with existing clients and expand its portfolio by offering secure, trusted services to new partners.

This certification enhances our ability to safeguard client data, ensuring their information is managed with the highest security standards. Clients can trust that we are fully equipped to protect their data and deliver secure, reliable services.