The ISO 27001 standard which was awarded to InfoMate in January 2009, is a new standard released only in 2005 and deals with confidentiality and information security. As such, it is extremely relevant to outsourcing companies which hold sensitive information of clients.

The project, which commenced in March 2008, encompassed the entire spectrum of the organisation and required every member of the company to be trained in information security. As part of the process InfoMate was required to:

• Institute a Security Forum which meets periodically to review all aspects of information security
• Prepare a comprehensive list of information assets, categorising each asset according to its level of confidentiality, integrity and availability
• Identify the threats and vulnerabilities, and prioritise risks
• Devise a comprehensive Risk Treatment Plan and implementing controls
• Document an Information Security Policy, Security Manual together with policies and processes which conform to ISO’s stringent requirements.
• Ensure implementation of the documented processes with zero non-conformities
• Institute an internal audit team which would monitor compliance through periodic audits
• Introduce an internal helpdesk and security incident reporting

The certification will provide both existing and potential InfoMate clients with an international seal of process excellence and provide a guarantee of world class standards in information security, confidentiality and business continuity.