ISO External Audit Success

---

EPCC are delighted to be able to announce that we have passed our ISO 9001 Quality and 27001 Information Security external audits with flying colours.

We put the highest importance on service delivery and secure handling of customer data throughout the year. Despite this, it is still a nerve racking week when the external auditor comes a calling (virtually at the moment, in person in more normal times).

He spends a week with us looking at all aspects of what we do and how we do it and we have to produce the evidence to demonstrate this. With both standards being audited at the same time, we look at everything from service metrics and user feedback to systems logs and staff employment practices.

Every year we find something that we realise could be improved and create records to track improvement actions and their effectiveness. Whilst it is tempting to sit back after an external audit and feel relief that it is a whole year till the next one, we don’t do that. We carry on running and improving and learning and being nagged by the ISO lead (me!).