After achieving my ISO/IEC 27001:2022 Lead Implementer certification last year, I have now gained my ISO/IEC 27001:2022 Lead Auditor qualifications on a CQI and IRCA-certified course. This, along with my extensive knowledge of Quality Management Systems complying with ISO 9001:2015, will allow us to provide pragmatic solutions to all our clients for Information Security and Quality. See our Services for more details.
For the past few months we have been implementing a full ISMS for a client, working from the ground up whilst also integrating it with an existing system covering ISO 9001, ISO 14001 and ISO 45001. This has been possible due to my ISO 27001:2022 Lead implementer qualification and will be enhanced with my ISO/IEC 27001:2022 Lead Auditor certification.
All of this has been supported by my extensive knowledge of software development for medical devices, where consideration of risks is essential to ensure that when used for diagnostic purposes, the combination of software and laboratory instrumentation “does no harm”. In the same way looking at risks from an Information Security perspective ensures “no harm” is done to any information.Also, ensuring that software is developed methodically, whether using a traditional waterfall approach or the more flexible agile approach, helps to provide robustness in the final product, preventing incorrect results or protecting the software from malicious actors’ attacks.
The key to all of this is to make these systems as simple as possible to follow without adding burdens that make the overall business less viable. There is a fine line between doing enough to be compliant, being risk-averse, and adding costs to a system that make it untenable and too costly to continue.
Therefore, with my ISO 27001:2022 Lead Auditor training and the Lead Implementer training I already had, I can balance the two sides of implementing a robust system while ensuring that costs and efficiencies are in built.
If you know anyone that could benefit from the input from a consultant with this strong background please feel free to contact us here.
If you have worked with me in the past and wish to provide a testimonial to my work, you can do that here.