Practical Solutions for ISO 27001:2013 Security and ISO 22301:2012 Business Continuity.
ParkinsonHowe has long been a pioneer in the areas of ISO 27001:2013 information security risk assessment, ISO 22301:2012 business continuity management and cybersecurity. Our mission is to be the leader in managing information security risk, improving business continuity, enhancing quality and optimising results. The purpose of ParkinsonHowe is to:
Our approach to assignments is based on best practice in business continuity and information security, and more recently on ISO 27001:2013 and ISO 22301:2012. Adopting this approach has allowed organisations to implement good practice in all areas and to demonstrate their commitment to delivering their services and managing any incident or situation that might disrupt those services.
The project team is experienced, with substantial knowledge and expertise in delivering business continuity and information security solutions throughout the world effectively and efficiently. (Recent projects have been in the United States, Indonesia, Bahrain, India, Mexico and Germany.)
Over the past few months, we have been attempting to understand better how to measure the effectiveness of management systems. We previously published one way that tied into the objectives of the business. Another way to look at effectiveness is to tie them into the overall mission statement of the organisation, and therefore measure against these.
Below you will see an effectiveness chart based on a company's current ISO 22301:2012 audit and previous consolidated audits.
You can make effectiveness measurements as complicated as you require; they can be based on each process or on performance factors. Whichever is chosen, it has to meet the organisation’s requirements.
Click on the images to read about the Consultancy and Audit services we support
How long does it take to build an ISMS or BCMS?
To develop an ISO 27001:2013 ISMS or an ISO 22301:2012 BCMS, the documentation can take from one month to several months. One of the critical factors is the business agreeing on the control and sign-off of the management system. With this in mind, we try to assist and alleviate as much of the worry as possible by utilising previous work on an ISMS and BCMS from other companies. Any work carried out on the management system is usually prepared using your existing policies and procedures; however, because we have developed many management systems, we can call upon our existing templates. This significantly speeds up the consultancy process and allows a company to gain further assurance. The end-costs of our consultancy frequently prove to be a nice surprise, due in some part to ParkinsonHowe coordinating with you, but working independently of day-to-day business decisions. Our hourly rates are competitive in the market and we guarantee transparency. The end-costs of our ISO 27001 and ISO 22301 services frequently turn out to be a nice surprise.
GAP Analysis and Internal Audits
Performing a Gap Analysis provides a practical way forward when starting your project for implementing a Management System Scheme such as ISO 27001 or ISO 22301. Using a pragmatic, business-focused approach, we can compare your current systems and processes against recognised best practice as a first step to achieving certification. Analysis is based on interviews with key members of your organisation to establish your current position in relation to that required by the relevant scheme. We deliver a report which identifies where your organisation meets requirements and where there are gaps. The report includes recommendations on resources and actions needed to fill these gaps as well as the timescales necessary to achieve certification. We will then help prepare a comprehensive project plan covering the subsequent stages of the implementation programme. This will include details of project actions, ownership and timescales.
Training courses for ISO 27001:2013 and ISO 22301:2012
Our aim is to offer practical, cost-effective training to organisations and individuals. Our training courses allow delegates to expand their IT, business and management skills. Case studies provide valuable insight and opportunity for individual assistance from our experienced trainers. Delegates can expect a carefully designed training experience with a balanced mix of presentations, exercises and group discussions. In this way the courses will provide lasting benefits to both the delegate and their organisation.
BS 11000 allows you to collaborate successfully. It outlines different approaches to collaborative working that have proven to be successful in businesses of all sizes and sectors. BS 11000 shows you how to eliminate the known pitfalls of poor communication by defining roles and responsibilities, and creating partnerships that do nothing but add value to your business.
The structure of an audit is usually built around the clauses of the standard being audited. Our consultants and auditors use their qualifications, knowledge and experience to select a series of audit trails from the information presented to them, to give an informed, independent perspective on how the system or service is working.
Bespoke Audit Protocols - Bespoke audit protocols take the idea of scored audits to a new level, by building on the recognised audit standards through the addition of client expectations, policies and processes into the scored audit question set.
Scored Audits - A scored audit adds to this through the use of graphical displays, which have a significant impact for internal communication and gain management attention more quickly. Improvement (or decline) over time can also be measured and demonstrated through the use of absolute scores, percentage scores and 'levels' of achievement linked to client-defined 'thresholds'.
A supply chain security and business continuity audit proves your commitment to control security and continuity risks to the benefit of you and your customers. Supply chain security and continuity audits look at data and access security as well as the resilience of your supply chain.
Click on the images to read about selected assignments.
ELFS Shared Services was established on the 1st April 2002 and is now in its eleventh year of operation, providing business shared services to 17 NHS client organisations from its offices located at Viscount House just off the M65 at Junction 4, Blackburn with Darwen.
Services: ISO 22301 Consultancy - ParkinsonHowe's engagement is to assist in and maintain the ELFS business continuity management system under ISO 22301 certification.
DNV Business Assurance is a world leading certification body. They work with their customers to assure the performance of their products, processes and organisations through certification, assessment and training services. ParkinsonHowe has undertaken key support engagements for DNV-GL since 2004 including: ISO 27001 - Information Security audits and training;
The RCGP is the voice in support of doctors in general practice and the improvement of patient care. They represent the views of GPs on key Government and Departments of Health committees / working groups, medical royal colleges and many other primary care organisations. ParkinsonHowe has undertaken a number of key support engagements for RCGP since 2004 including:
ISO 27001 Security Consultancy - We have worked with RCGP as their information security advisors, to develop a management system that has allowed RCGP to gain ISO 27001 certification for the ReValidation and E-Portfolio services.
Risk Management Framework - RCGP required an operational risk framework to be implemented, and turned to ParkinsonHowe for assistance.
Business Continuity plans - When the time came to develop executive management business continuity plans, ParkinsonHowe assisted in creating and exercising the plans with RCGP.
Celerity-IS is a UK-based data services company, supporting and facilitating business and marketing needs, from quality database development to top-level systems integration. The company's headquarters are in Dartford. ParkinsonHowe has undertaken varied assignments for Celerity-IS since 2007 including:
ISO 27001 Security Audit - ParkinsonHowe was engaged to carry out a wide-reaching information security audit of the company to ascertain their appetite for ISO 27001 and CCC 55 standard.
Internal Audit - In a separate assignment, we have been engaged to conduct ongoing ISO 27001 information security audits and provide assistance in maintaining Celerity-IS certification.
Business Continuity - We supported Celerity-IS in their development of business continuity plans that address both the organisation's requirements and the services being provided to clients. Exercises have been conducted to highlight the risks and issues faced during a recovery.
ParkinsonHowe have been contracted by NexxLinx to develop a framework for certification to ISO 27001:2013 and ISO 22301:2012.
ParkinsonHowe will assist NexxLinx to develop a progressive information security and business continuity management system consistent with industry best practice.
DAS has become firmly established as the clear leader within the legal expenses insurance market. DAS are proud of the fact that they provide access to justice for millions of people and, as a result, have become one of the leading non-life insurers. ParkinsonHowe has undertaken varied assignments for DAS Legal Services since 2006 including:
ISO27001 Security consultancy and training - ParkinsonHowe was engaged to carry out a wide-reaching information security audit of the company to ascertain their appetite for ISO27001.
Internal Audit - In separate assignments, we have been engaged to conduct ongoing ISO27001 information security audits and provide assistance in maintaining DAS certification.
Click on the images to read about the Clients we have supported in the following sectors.
Security of customer data and business continuity in the supply chain is important in this sector; ParkinsonHowe works with the following:
- Howard Hunt Group
- AEA Technology
- Southern Water
- Rockwell Collins
We have carried out a number of ISO 27001 information security and ISO 22301 business continuity projects and training courses with the following:
- Manchester City Council
- Scottish Qualifications Authority
- General Teaching Council for England
- Learning and Teaching Scotland
- Qualification and Curriculum Authority
We have worked with a number of the leading financial institutions on security and business continuity improvements:
- FandC Asset Management
- Provident Financial
- Metro Bank
- EFG Eurobank
- Sonali Bank.
- SR Communications
- Security Partnerships
- Arco and Arco British
- Royal College of General Practitioners
- General Medical Council
- Elfs Shared Services
- NHS Barnsley
- NHS Newham
- NHS City and Hackney
- Bridgewater Hospital
- NHS Bromley.
The fastest way to contact us is by the contact form.
Please feel free to email us with any queries you might have on security or continuity. If you would prefer to speak to someone in person, please dial +44 (0) 161 484 0070.