Compliance

ACHIEVING COMPLIANCE

Every business strives to achieve standards and, as a result, looks to complete a variety of accreditations, certifications and qualifications. These assure third parties that you always take care and exercise due diligence as a supplier. Some of these standards are necessary and some are optional. At 2414 we have a range of compliance solutions and can guide you through the necessary steps, phases, tools and ongoing management of these.

For more information on any of the compliance standards below, or any others that aren't listed, please call us on 01344 666035 or email info@2414red.com.

THE EU GDPR FOUNDATION & PRACTITIONER CERTIFICATION

2414 have passed the EU GDPR Certification, which enables us to provide practical guides to planning, implementing and maintaining a GDPR compliance programme. It also enables our practitioners to fulfil the role of a Data Protection Officer (DPO). This qualification also gives us the ability to advise on implementing and complying with data privacy laws and related information security standards such as ISO 27001. This accreditation is for the ISO 17024-accredited EU GDPR Foundation (EU GDPR F) and EU GDPR Practitioner (EU GDPR P) qualifications certified by IBITGQ.

ISO 27001

The ISO/IEC 27000 family of standards helps organisations keep information assets secure. Using this family of standards will help your organisation manage the security of assets such as financial information, intellectual property, employee details or information entrusted to you by third parties. ISO/IEC 27001 is the best-known standard in the family, providing requirements for an information security management system (ISMS). There are more than a dozen standards in the 27000 family.

PCI DSS

The Payment Card Industry Data Security Standard (PCI DSS) is a proprietary information security standard for organisations that handle branded credit cards from the major card schemes including Visa, MasterCard, American Express, Discover, and JCB. The PCI Standard is mandated by the card brands and administered by the Payment Card Industry Security Standards Council. The standard was created to increase controls around cardholder data to reduce credit card fraud. Validation of compliance is performed annually, either by an external Qualified Security Assessor (QSA) or by a firm-specific Internal Security Assessor (ISA) that creates a Report on Compliance (ROC) for organisations handling large volumes of transactions, or by Self-Assessment Questionnaire (SAQ) for companies handling smaller volumes. 2414 are currently going through certification in Version 3.2.

Cyber Essentials Certification

Cyber Essentials is a government-backed, industry-supported scheme to help organisations protect themselves against common cyber attacks. Cyber Essentials compliance is essential for any British organisation that wants to improve its protection against cyber attacks while also gaining a competitive edge. This is separate from ISO 27001:2013 accreditation. By achieving this Cyber Essentials Plus certification you demonstrate to customers that you have robust practices and policies protecting your business from cyber attacks.