Practical, Cost Effective and award-winning

Business Continuity, Crisis Management & Information Security Solutions


0800 035 1231 (Mon to Fri 9am – 5pm)

Suite 3, The Cotton Mill, Torr Vale Mills, New Mills, Derbyshire, SK22 4HS, UK

Implementing Multiple Certifications (ISO 22301, ISO 27001 and ISO 9001)

BS 25999The Client

The client is a small part of a global organisation operating in the UK and Ireland.  They have a workforce of around 100 staff, of whom half  are geographically dispersed and operate from home.  Most of the office-based staff work in a call centre.  They coordinate the distribution of incontinence products to individuals.

The Problem

As a key supplier to the NHS and Care Homes, the client was required to demonstrate effective business continuity and information security procedures.  The client also felt that this was good business, due to the vulnerability of the clients, the time criticality for some deliveries and the amount of sensitive data that is held.

The Solution

Cambridge Risk Solutions have worked with the client over a number of years.  We were initially engaged to implement an Information Security Management System (ISMS) for certification to ISO 27001.  Working closely with the business, this was implemented within a couple of months, having been designed so that it could be adapted to include ISO 22301 and for later inclusion of ISO 9001, which the client already held.  Shortly after successful certification to ISO 27001, the client decided to proceed with ISO 22301 certification, and we worked with the client to update the ISMS to create a fully Integrated Management System.  By this time, the revised ISO 9001 had been published, requiring our client to revisit the documentation that was in place.  Our consultant was able to easily extract the existing procedures and update the Integrated Management System to fully encompass the requirements of the Quality standard.

Current Situation

The Integrated Management System has now been in successful operation for some time, and encompasses all three standards as well as Labour Standards Assurance System (LSAS, an NHS requirement).  It is used as the basis for the NHS Data Security and Protection Toolkit, which the client is required to submit annually.  Cambridge Risk Solutions continues to assist with the maintenance of the Integrated Management System.

Get In Touch

We are always happy to answer any questions you may have, please either contact us by telephone, or by filling in the form below.

Please ensure that you do not divulge any sensitive data as this webpage is not secure.

Cambridge Risk Solutions offered us a first class service that you might expect from a much larger organisation. They combined this knowledge and professional approach with a real personal touch that made the process of developing our plan actually enjoyable.

more testimonials

  • Business Continuity Planning

    Effective planning that takes into account risk evaluation and business impact analysis, supported by clear and concise crisis management. We work with you to develop user-friendly plans.

  • Business Impact Analysis

    The Business Impact Analysis (BIA) is one of the most important, and least well understood, stages of the Business Continuity Management Lifecycle; we can assist with your BIA.

  • Training and Exercising

    No Business Continuity Management programme is effective without a significant element of training. Moreover, ongoing Crisis Management training and exercising is key. We can provide objective training and exercising.

  • Risk Evaluation and Control

    Risk evaluation and treatment provide a process to identify, prioritise and managing your risks. Cambridge Risk Solutions can assist with risk management for business operational and information security risks.

  • Statement of Applicability

    Which controls do you need to have in place? How do you link your risk assessment process into your SoA? How do you ensure that you have effective controls in place? We can assist with your SoA.

  • Integrated Management Systems

    Management Systems assist with your on-going management, maintenance and continual improvement. We work with you to develop a fully integrated management system, enabling certification to ISO 22301 and ISO 27001.