The protection of information, whether client data or our internal LCP data, physical or digital, has always been of high importance within LCP. Our certification in ISO/IEC 27001:2013 and Cyber Essentials Plus demonstrates best practice in information security, which is important to our clients and future clients.
What is ISO 27001:2013?
ISO/IEC 27001:2013 (ISO 27001) is an internationally recognised audited standard that provides the specification for a best-practice information security management system (ISMS). An ISMS is a set of policies, procedures, processes and systems that manage information risks, such as cyber attacks and data breaches.
Achieving ISO 27001 provides an independent, expert assessment that information security is managed in line with international best practice and business objectives.
What are the benefits of ISO 27001:2013?
- Helps to protect client and employee information through compliance with an auditable international standard for information security practices;
- Helps to demonstrate that LCP have evidence of compliance with the GDPR;
- Helps to align LCP with the information security priorities and requirements of existing and future clients;
- Demonstrates that LCP are committed to ongoing improvements to information security processes and strategies; and
- Demonstrates that LCP have practices for identifying and reducing information security risks.
Cyber Essentials Plus
What is Cyber Essentials?
Cyber Essentials is a UK Government-backed scheme, developed by the National Cyber Security Centre (NCSC). Cyber Essentials has two levels of certification (Basic and Plus). LCP is Plus certified, which means that our systems have been externally assessed in order to demonstrate that LCP have implemented controls to protect against common cyber attacks.
Cyber Essentials Plus complements LCP’s ISO 27001 certification, which is the specification for a best-practice information security management system (ISMS).
What are the benefits of Cyber Essentials Plus?
- Provides cyber security assurances through annual external security assessments (e.g. internal and external vulnerability scans);
- Helps protect client and employee information;
- Helps to demonstrate that LCP has evidence of compliance with GDPR;
- Helps to align LCP with the cyber security priorities and requirements of existing and future clients and regulators (e.g. The Pensions Regulator);
- Demonstrates that LCP are committed to ongoing improvements to cyber security processes and strategies; and
- Demonstrates that LCP have systems and practices for defending and reducing cyber security risks.