GMSS receives ISO 27001 certification across whole organisation

We are pleased to confirm that ISO 27001 certification has been awarded across the whole organisation. 

GMSS first achieved ISO 27001 certification for the IT department in June 2020, as phase 1 of the ISO 27001 project plan. Phase 2 expanded the scope of the information security management system (ISMS) from the IT department to include all GMSS services. 

Following a two day audit by BM Trada, the ISO certification authority auditors, ISO 27001 certification was awarded across the whole organisation in December 2020. This means that certification now covers the protection of all information and data assets for the delivery of all GMSS functions, services and activities.

ISO 27001 certification lays out the specification for an ISMS to be used throughout the organisation. This ensures information is protected maintaining the confidentiality, integrity and availability of data, providing our customers with significant assurances of the protection of their information. 

We are very much a leader throughout the NHS with GMSS being one of the first NHS organisations to achieve ISO 27001 certification with such a comprehensive scope.