Nimbus is extremely proud to announce that we have achieved certification to ISO/IEC 27001:2022 Information Security Management (ISMS) from the business improvement and standards company BSI.
This certification demonstrates that Nimbus operates an Information Security Management System (ISMS) which complies with the requirements of ISO/IEC 27001:2022 for the provision of digital and technology services focused on Cloud technology and infrastructure to end clients, in accordance with our Statement of Applicability Version 1.0 dated July 2024.
From the outset, we recognised the importance of becoming certified with a United Kingdom Accreditation Service (UKAS) accredited organisation to ensure the certification was credible and impartial. We selected BSI on the basis of their excellent reputation and with the knowledge that we would be pushed to implement and be tested against a high-standard ISMS.
Over the past nine months, the team has made a fantastic effort to assess risk, implement people, process, and technology controls, and embed information security across our organisation. We are now operating a framework that reduces the risk of data breaches and loss of sensitive data by ensuring the confidentiality, integrity, and availability of data.
We would also like to thank our security partner, OmniCyber Security, for the support they provided to ensure certification preparedness, which has taken 9 months to complete.
Alan Hazell, Nimbus CEO, “Achieving certification to ISO/IEC 27001:2022 demonstrates our commitment to managing information security on behalf of Nimbus and our customers. I am really proud of the teams’ efforts and will continue to ensure improvements and maintenance of the framework going forward”.
David Mudd, Global Head of Digital Trust Assurance at BSI, states: “As businesses continue to transition more processes to a cloud-based model, and dependency on cloud-based solutions increases, trust in the security of these critical services is vital. Achieving certification shows Nimbus’ commitment to securing its information assets and aligning with global best practice around establishing digital trust. Nimbus deserves recognition for proactively managing information security and building resilience for the future”.