Operating to the highest security standards
ISO/IEC 27001:2013 is the internationally recognised standard framework for an information security management system (ISMS).
Many companies claim to operate to this recognised standard but in reality only a few have been officially certified by a respected Accreditation body. Certification is carried out by one or more assessors who are independent of the organisation and have the training and experience to conduct the assessment. The process is extensive and involves inspecting systems and procedures and interviewing staff and stakeholders to verify that systems are in place and are robust.
Reputable certification bodies
When conducting due diligence prior to selecting a supplier, you should establish what systems and controls the company has in place. If you are unsure whether a company is certified, ask to see their certificate. Ensure the accreditation body is a reputable one that is recognised. Click here for more information about certification bodies.
Robust and independently verified
Today Translations achieved ISO27001 in 2014 passing inspection with no areas of non-conformity, no observations for improvement and received a commendation from the assessor for the company’s commitment to data security. Today Translations put in place 131 controls to secure data and manage confidentiality and security and this is applied throughout our global operation. To support this, we have assembled a network of security-cleared translators and special advisors, many of which have first-hand experience in working with the UK Government and military.
How secure is your supplier?
No industry is free from security risks. The translation sector has some unique risks and one of these is that serious risks are often unseen in the translation supply chain. For example, a company or individual may have excellent in-house procedures to protect their physical and electronic information assets but when data leaves the company and is sent to an external supplier, data protection controls may be insecure. In these circumstances, the risk of data being lost or compromised is increased and this exposes you and your customers to harm.<>
Criminals want your customer data
Organised criminals are particularly interested in obtaining personal data that they can use to steal a person’s identity and they use this to facilitate other crime such as credit card and mortgage fraud. They also sell-on personal details to other criminals who give these identities to people who have been illegally trafficked into a country or want a clean identity to perpetrate crime such as money laundering, bribery or even a terrorist related crime.
This data can make criminals very wealthy and they will use every opportunity to steal personal data. Personal data is especially vulnerable when it is left unattended such as on an office desk or on a computer screen. It is also vulnerable when it is in transit, either in paper form or when transmitted electronically without suitable encryption. For more information on how to respond to the threat from cyber and other criminality listen to our Board Member’s presentation
Going beyond good housekeeping
The risks associated with electronic data can be mitigated by following good housekeeping measures such as those outlined in the UK Government’s Cyber Essentials and Cyber Essentials Plus scheme. These are considered basic cyber security hygiene for a company of any size and certification under the scheme permits the company to use the Cyber Essentials kite mark.
The controls available within ISO27001 incorporate the basic measures of Cyber Essentials and extend to cover a more comprehensive suite of physical and technical measures. To mitigate the risks associated with multilingual supply chains, Today Translations has pioneered innovative security measures and was the first security focused language and consultancy service provider in the world to achieve full ISO 27001 certification for its global operations.
The 131 controls we have put in place as part of our independently audited ISMS and the power of our QCS+ management software help mitigate risk. Safeguarding our clients’ information from loss or theft and ensuring supply chains are protected from other ancillary risks such as bribery and corrupt practices are just two of the many benefits that the certification has brought to our customers.
If you would like to talk to us about our security measures or would like assistance to secure your own multilingual supply chain please contact us and ask to speak to our Translation Security Assurance officer.