ISO9001 – Quality Management Systems
We are certificated to ISO9001 which defines standard requirements for the delivery of quality goods and services by an organisation. The standard has the quality management principles of customer focus, leadership, engagement of people, a process approach, improvement, evidence-based decision making and relationship management. The aim is to meet the client requirements in the most efficient and effective manner for both parties.
ISO27001 – Information Security, Cybersecurity and Privacy Protection – Information Security Management Systems
We are certified to ISO27001 which defines standard requirements for the control of information security by an organisation. The standard requires the identification and implementation of physical, technical and procedural security controls to deter, defend, detect and respond to security threats. The important aspects are the application of, and conformance to, identified security controls. Aspects such as secure service design (cryptographic controls / transfer of physical media / etc.), HR Security (vetting / training / etc.) or physical security (secure access / clear desk/screen policy / etc.) are all within the scope of the standard.
ISO22301 – Security and Resilience – Business Continuity Management Systems
We are certified to ISO22301 which defines standard requirements for the preparedness of an organisation to react to business continuity incidents. The standard requires the identification of business impact analysis for organisational activities and the plans to be put in place for prioritised activities. The key aspects are the existence and relevance of emergency response and recovery artefacts, staff training and the response following an incident.
ISO14001 – Environmental Management Systems
We are certified to ISO14001 which defines standard requirements for the consideration and protection of the environment by an organisation. The standard requires the identification and continual improvement of environmental aspects and impacts. The key areas of focus are the performance against set objectives or compliance issues related to specific environmental aspects (i.e. waste management or control of environmentally hazardous chemicals).
ISO45001 – Occupational Health and Safety Management Systems
We are certified to ISO45001 which defines standard requirements for the protection of occupational health and safety by an organisation. The standard requires the identification of hazards and the assessment of health and safety risk. The key elements of the standard are the safety of work environments/equipment, staff training and the existence of safe working practices.
We are certified by CREST for the provision of security testing, incident response, and threat intelligence. CREST works closely with national authorities around the world to align standards and professional qualifications for cyber security professionals. Their exams are regarded within industry as being rigorous, and individuals holding CREST certifications are expert in their respective fields.
We are certified by the UK’s National Cyber Security Centre (NCSC) as a quality-assured cyber services provider.
- For Cyber Incident Response, we have been a member of the CIR Scheme since inception, and regularly support organisations in need of both acute support as well as general CIR needs.
- For Security Testing, we are a member of the CHECK scheme. This enables us to provide assured testing to both public sector and critical national infrastructure organisations in the UK.
- For general cyber consultancy, we are a member of the NCSC Assured Cyber Security Consultancy scheme, providing expertise in areas such as Security Architecture.
We are included within the Directory of Cybersecurity providers which Swift publishes on its website. To be included within the Directory, Swift takes into account criteria including:
- Cyber security services experience and credentials
- Strategic focus on cyber security services
- Good reputation and commitment to customers in the financial industry
In addition, BAE Systems has worked closely with Swift on publishing various thought leadership papers including:
Professional body memberships
Management Consulting Association (MCA)
We are recognised by the Management Consulting Association (MCA) for demonstrating Consulting Excellence. Consulting Excellence is a framework defined by the MCA (as the industry leading body) to express the mix of the long-standing commitment to quality service plus a relentless focus on innovation that typify the best consulting firms.
Visit the MCA website: https://www.mca.org.uk
Risk Management Delivery Group (RMDG)
We are a member of the Risk Management Delivery Group (RMDG), a partnership programme established by the UK’s Centre for the Protection of National Infrastructure (CPNI) aimed at creating strong and dynamic links with leading UK consultancies. The programme provides RMDG members with the benefit of direct access to CPNI protective security advice, briefings and support.
This enables member consultancies to provide their customers with informed and comprehensive services relating to protective security, and to address customer vulnerabilities in an integrated way. We are a member of CPNI’s Managed Services Provider’s Information Exchange. We are also a selected member of the BSI’s standards committees on Information Security, Enterprise Risk Management and Societal Security.
Institute of Risk Management
The Institute of Risk Management (IRM) is the world’s leading enterprise-wide risk education Institute. It is an independent, well-respected advocate of the risk profession, owned by practising risk professionals. IRM passionately believes in the importance of risk management and that investment in education and continual professional development leads to more effective risk management.
Visit the IRM website: http://www.theirm.org/
The world’s largest professional association dedicated to advancing technological innovation and excellence for the benefit of humanity. IEEE and its members inspire a global community through IEEE's highly cited publications, conferences, technology standards, and professional and educational activities.
Visit the IEEE website: http://www.ieee.org
Information Security Systems Association (ISSA)
A not-for-profit, international organisation of information security professionals and practitioners. The ISSA provides educational forums, publications and peer interaction opportunities that enhance the knowledge, skill and professional growth of its members. The primary goal of the ISSA is to promote management practices that will ensure the confidentiality, integrity and availability of information resources.
Visit the ISSA website: http://www.issa.org/
Institute of Operational Risk (IOR)
The stated mission of the Institute is to promote the development and discipline of Operational Risk and to foster and maintain investigations and research into the best means and methods of developing and applying the discipline and to encourage, increase, disseminate and promote knowledge, education and training and the exchange of information and ideas.
Visit the IOR website: http://www.ior-institute.org/
Institute of Engineering and Technology (IET)
The IET vision is sharing and advancing knowledge throughout the global science, engineering and technology community to enhance people’s lives around the world. The IET works to build an open, flexible and global knowledge network supported by individuals, companies and institutions and facilitated by the IET and its members.
Visit the IET website: http://www.theiet.org/
As an independent, not-for-profit global association, ISACA engages in the development, adoption and use of globally accepted, industry-leading knowledge and practices for information systems.
Visit the ISACA website: https://www.isaca.org
International Information Systems Security Certification Consortium
Headquartered in the United States and with offices in London, Hong Kong and Tokyo, the International Information Systems Security Certification Consortium Inc (ISC)²® is the global, not-for-profit leader in educating and certifying information security professionals throughout their careers. The (ISC)² is recognised for Gold Standard certifications and world class education programs.
Visit the ISC2 website: https://www.isc2.org/
BCS – The Chartered Institute for IT
BCS, The Chartered Institute for IT champions the global IT professions and the interests of individuals engaged in the profession for the benefit of all.
Visit the BCS website: http://www.bcs.org
Chartered Institute of Information Security (CIISec)
The Chartered Institute of Information Security (CIISec) is the only pure play information and cyber security institution to have been granted Royal Charter status and is dedicated to raising the standard of professionalism in information and cyber security. CIISec provides a universally accepted focal point for the information and cyber security profession. It is an independent not-for-profit body governed by its members, ensuring standards of professionalism for training, qualifications, operating practices and individuals.
Visit the IISP website: https://www.ciisec.org