Articles, News

We’re now ISO/IEC 27001 accredited

At QStory, we know that your data is everything. That’s why we go above and beyond to help ensure it’s secure. Our ISO/IEC 27001 certification is just one example of that dedication, and it offers our customers a unique benefit.

The International Organization for Standardization (ISO) is an independent, non-governmental organisation with an international membership of 163 national standards bodies. The ISO/IEC 27001 family of standards helps organisations keep their information assets secure.

In effect, contact centres that use our Intraday Automation platform now have complete peace of mind that the data we handle is secure. This certification means we have an information security management system (ISMS) in place that protects you far beyond the standard requirements of GDPR.

To explain why, we’ve broken down the ISO/IEC 27001 certification – and what it means for your own security processes – below.

What the certification involves

ISO/IEC 27001 is the international standard for information security. It sets out the specification for an ISMS, which is what helps protect all forms of information within an organisation. Our accreditation also includes annexes from ISO/IEC 27017 and ISO/IEC 27018, providing additional controls over cloud security.

An ISMS increases your resilience to cyber attacks, enables you to respond to evolving security threats, and provides a central framework. That is, if you follow the best practices outlined by the ISO. Consequently, those who are accredited have proven to operate an ISMS that protects customer data, as well as prevent a range of security risks.

It’s not a legal requirement to adopt this standard. It’s up to organisations whether they wish to reassure their customers that these recommendations are being followed.

Why we’ve become certified

Obviously, the primary motivation is to protect your data. The nature of our business requires us to constantly process and leverage information, and without this certification, customers could rightly have questions about their security. But that isn’t the only reason.

As a business, ISO/IEC 27001 allows us to refine our data management behaviours so that we are continually prepared for an attack. Our team has a firm understanding of how we use and look after data, and we’re better upholding our GDPR responsibilities.

We have a lot of data here at QStory. And it’s essential that we minimise the number of potential avenues for that information to be misused or go missing.

How it helps our customers

Generally, this certification means that there’s much less risk for our customers. Because we’re regularly audited to ensure we’re still adhering to best practices, and because we follow the Plan-Do-Check-Act cycle that’s at the heart of ISO’s recommendations (which means we’re continuously improving), clients can also have faith that our high standards won’t slip.

Pair this with our Cyber Essentials certification, and you get a better understanding of the lengths we’re prepared to go to in order to make our customers feel safe.

Always committed to you

We pride ourselves on the level of trust we build with our clients. Balancing contact centre availability with demand requires total harmony between our service and yours, and we hope our accreditation is evidence of that.

If you’d like to know more about the difference we can make when we work together, get in touch on


Similar resources