RPS Receives ISO 27001 Certification from NSAI

RPS Receives ISO 27001 Certification from NSAI
Pat Breen TD, Minister of State for Trade, Employment, Business, EU Digital Single Market and Data Protection; Geraldine Larkin, NSAI Chief Executive; Connie Wiseman and Donogh McGrath, RPS IT Directors (Image: NSAI / Conor McCabe)

RPS IT Directors Connie Wiseman and Donogh McGrath were presented with RPS Ireland’s ISO 27001 accreditation certificate by Minister of State Pat Breen TD at an official ceremony at National Standards Authority of Ireland (NSAI) headquarters in Dublin recently this month.

With the EU General Data Protection Regulation (GDPR) coming into force later this month, becoming certified to this world-class standard for information security is a significant step in proving our compliance.

The ISO/IEC 27001 Information Security Management System provides requirements for establishing, implementing, maintaining and continually improving an information security management system. It provides organisations with a robust framework to manage their information – both on and offline. Our Irish offices worked through the planning and implementation of the system in 2016 and 2017 and following a successful audit by the NSAI in late 2017, we were recommended for accreditation.

ISO 27001 can provide a basis for evidence of compliance with the GDPR and provides a pathway to compliance regarding risk assessment, breach notification and asset management. GDPR will apply across all EU Member States from 25th May and has significant implications for businesses operating within the EU market.

Connie Wiseman, RPS IT Director said “This is a huge achievement for RPS. It puts us in a strong position as we approach the GDPR deadline of 25th May. Achieving ISO 27001 certification is confirmation for our public and private sector clients that we can deliver and manage their projects securely.”

Key to implementing the new system was communicating to staff that every RPS employee is responsible for information security. The process has involved changing habits in relation to information security and implementing procedures across all offices to protect sensitive information and personal identifiable information (PII) in line with GDPR. Project managers and teams follow improved procedures to ensure the security needs and expectations of all the stakeholders on their projects are considered and all PII is protected.

“While the GDPR is the largest overhaul of data privacy in decades, it is important that businesses do not fear it. Indeed, for Irish companies, being able to demonstrate compliance with the Regulation will offer competitive advantage in domestic, European and International markets.” said Pat Breen TD, Minister of State for Trade, Employment, Business, EU Digital Single Market and Data Protection.