We are thrilled to announce that Zoocha has once again been able to demonstrate our commitment to maintaining the highest standards of information security by successfully recertifying for the ISO 27001 standard, now updated to the latest 2022 version. In conjunction with this, Zoocha has also been re-certified to ISO 9001 for Quality Management.
Our journey towards demonstrating our commitment to achieving high standards in quality and information security began in November 2017, when we first received the ISO certifications for 9001 and 27001 to a UKAS-rated standard.
The scope of our certifications is comprehensive, encompassing all of Zoocha Group service delivery across:
"The design, development, maintenance and support related to Drupal web applications, including cloud hosting, software and support."
This broad scope ensures that all aspects of our Drupal service delivery is covered under the stringent guidelines of ISO 27001:2022 and ISO 9001:2015.
Embracing the New: 2022 Version of ISO 27001
The 2022 version of ISO 27001 has brought with it a set of new controls, reflecting the evolving landscape of information security. The previous version of the standard was released in 2013, which meant that many of the controls were beginning to feel dated. These controls for the 2022 version of the standard include:
- Threat intelligence
- Information security for use of cloud services
- ICT readiness for business continuity
- Physical security monitoring
- Configuration management
- Information deletion
- Data masking
- Data leakage prevention
- Monitoring activities
- Web filtering
- Secure coding
For each of these new controls, it was necessary to broaden the scope of the Zoocha Business Management System (BMS) in order to accommodate updated processes and procedures to stay ahead of the curve in protecting sensitive information in an increasingly digital world.
The Zoocha team carefully integrated these new controls, ensuring that our practices are not only compliant, but also go above and beyond in many areas so that we are able to demonstrate our commitment to leading security practices across the Drupal agency marketplace. Our robust BMS now reflects the latest best practices in information security, ensuring that our services are reliable, secure, and efficient.
Zoocha's successful recertification to the latest version of ISO 27001 is more than just a compliance achievement; it's a reflection of our ongoing commitment to excellence in information security.
Celebrating Positive Findings from the Recertification Audit
The recertification audit brought to light several positive aspects of our operations. Notably:
"The company has very high levels of operational control and performance management."
This is a testament to our meticulous approach to project and support activities.
"The use of the Confluence system provides easy access to information relating to the BMS"
Zoocha recognises that well documented processes are crucial in ensuring consistency, preserving knowledge, delivering high-quality services, avoiding ambiguity and assumptions.
"The use of Jira provides effective job monitoring and audit trails"
Across all of our project and support activities, Zoocha employs rigorous, consistent approaches to ticket and issue management, ensuring that there is a clear audit trail and reporting across all elements of our service delivery.
Looking Ahead
Our journey doesn't stop here. Work is well underway to extend the ISO 27001 certification and incorporate the ISO 27701 Privacy Information Management standard into our BMS, which we are aiming to achieve in early 2024. In addition to this, stage 1 and stage 2 assessments for ISO 22301 Business Continuity are scheduled to occur in December and January; hopefully, pending successful audits, this will add yet another string to our ISO compliance bow.
We are proud to offer our clients the assurance that their projects are in the best of hands, managed and supported by a team that sets the standard across Drupal agencies.