Getting IT right for Information Security

Getting IT right for Information Security

Energy Assets has successfully completed its ISO27001 information security audit, confirming the integrity of company’s processes and procedures for managing commercial and personal data.

Head of IT James Walker guided Energy Assets through the recent 2-day assessment, with auditors particularly impressed with business continuity planning and implementation in response to the COVID-19 pandemic and its impact on operations.

ISO27001 is the international standard that governs best practice in information security management systems, which involves identifying security risks and putting in place appropriate control methods. Energy Assets has been ISO27001 accredited for six years and undertakes audits every six months.

“The standard focuses on devising and implementing best practice in information security, covering both physical assets and electronic data – and how we manage and control any associated risk,” says James.

“It an increasingly important standard for businesses to hold, not just in protecting the organisation from cyber security threats and safeguarding data, but in meeting strict criteria set down by government and other customers as a pre-qualification threshold for contracts.”

Energy Assets has implemented a rigorous training programme to ensure best practice is embedded in the company’s culture, which includes a mandatory annual elearning module with a pass/fail element for all relevant staff.

“This approach ensures that everyone in the organisation understands their responsibility for information security, which is further underlined by the clear commitment from the leadership team to protecting employee and customer data as part of its governance oversight. When people understand why protecting data is important and how it relates to their daily working lives, then they embrace it.”

In the latest assessment, James and his team navigated the audit with no non-conformities, but he recognises that information security constantly evolves. This is why Energy Assets works closely with third party auditors to test procedures outside the formal ISO27001 assessment schedule and also runs external site penetration tests.

Comments James: “All these steps inform our approach to information security, add value through knowledge transfer and contribute to our business ethos of continuous improvement.”



World EV Day – Reality Check for Domestic Charging Networks

One of Britain’s leading operators of local energy networks is warning that the electric vehicle (EV) revolution could be in danger of stalling unless technological innovation can prevent system overload.

On World EV Day (September 9), Energy Assets Networks has highlighted how, without intervention, the projected rapid rise in demand for electricity to power domestic EV charging units could lead to outages.

National Gas Emergency ServiceElectricity fault?