In February 2021, an NEC New Zealand team, led by General Manager for Finance and Commercial, Charles Anderton and Head of Cloud Services, Steve Grant, set out with the sole purpose of achieving ISO 9001:2015 (Quality Management) and ISO/IEC 27001:2013 (Information Security Management) certification for NEC New Zealand and we are proud to announce that in October 2021, we achieved our goal.
What is ISO?
ISO is an independent, non-governmental international organisation with a membership of 165 national standards bodies.
Through its members, it brings together experts to share knowledge and develop voluntary, consensus-based, market-relevant International Standards that support innovation and provide solutions to global challenges.
What is ISO 9001:2015?
ISO 9001:2015 specifies requirements for a quality management system when an organisation:
a) needs to demonstrate its ability to consistently provide products and services that meet customer and applicable statutory and regulatory requirements, and
b) aims to enhance customer satisfaction through the effective application of the system, including processes for improvement of the system and the assurance of conformity to customer and applicable statutory and regulatory requirements.
All the requirements of ISO 9001:2015 are generic and are intended to be applicable to any organisation, regardless of its type or size, or the products and services it provides.
The standard also contributes towards the following Sustainable Development Goals:
- No poverty
- Industry, Innovation, and Infrastructure
- Responsible Consumption and Production
- Life Below Water
What is ISO/IEC 27001:2013?
ISO/IEC 27001:2013 specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organisation. It also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organisation. The requirements set out in ISO/IEC 27001:2013 are generic and are intended to be applicable to all organisations, regardless of type, size or nature.
What did we do to achieve ISO certifications?
To achieve ISO certification, we underwent a thorough evaluation process. This process included a review of our quality and information security management systems, management system documentation review, a pre-audit(s), initial assessment, provision of a number of audit artefacts and preparation of a Statement of Accountability.
What does this mean for NEC NZ?
Certification will add an extra layer of credibility to the fantastic work we do for current and future customers alike. It’s the seal of approval that assures our customers will receive quality expertise and solutions and now it has been externally verified and audited too.
As an organisation, we must maintain this certification annually which means there will be more work to come. This work will now move into Business as Usual becoming part of our normal activity.
ISO certification requires a lot of time, effort and hard work and it would not be possible without the input of the team here at NEC New Zealand. As well as Charles Anderton and Steve Grant, members of the team that worked so hard to achieve both ISO certifications include Daniel Harrold, Mel Barber, Mara Kerschbaumer, Helen Pizzini and Ellie Rowe who took on the role of Internal Auditor. Great job team!