PQShield is now certified to ISO 9001 and ISO 27001

As industry leaders in the development of cutting-edge post-quantum cryptography, we understand the importance of having controls in place. More than simply a measure of competency, holding ISO 9001 and ISO 27001 certification is an essential bar set by our rapidly growing customer base, and shows our continued commitment to best practice.

Many of our processes were already in line with requirements and, as a result, we were able to achieve compliance and certification in record time. For example, we use modern tooling (such as Jira) to manage our internal audit programme and HubSpot to manage customer feedback. We took time to consider the risks faced by our business before developing policies, processes and procedures that allow our team to operate freely, whilst maintaining world-class levels of security and quality.

To further support the process, we worked with Evalian, who advised us throughout, as well as the UKAS-accredited certification body QEC, who carried out our external audit.

Security

ISO 27001 is focussed on information security, and ensures we have rigorous processes in place to protect our data and information. Having already completed Cyber Essentials before embarking on ISO certification, we chose to enhance and customize the IT requirements, adding further pillars of information security such as clear desk and clear screen requirements.

Quality

ISO 9001 ensures the quality of all customer-facing aspects of our business sales cycle, from initial engagement to customer service post-delivery. Additionally, we have formally documented our process to ensure the quality of the products we develop is maintained.

What now?

ISO 9001 and ISO 27001 focus on continual improvement, so we’re always refining our ways of doing things. As well as ongoing internal audits, we have implemented annual surveillance audits by our external auditor, to ensure we remain compliant, credible and certified.