Jan 30 2019

voestalpine Metsec plc Certified ISO 27001

We take information security seriously, and that’s reflected in our recent ISO/IEC 27001 certification. Metsec is the only custom roll-forming company to be certified ISO 27001, providing market differentiation between Metsec and its competitors.

What is ISO 27001?

The standard provides an independent, expert assessment that information security, including financial information, intellectual property, employee details and third-party information, is managed in line with international best practice and business objectives.

ISO 27001 is a specification for an information security management system (ISMS). An ISMS is a framework of policies and procedures that includes all legal, physical and technical controls involved in an organisation’s information risk management processes.

The Standard is designed to ensure the selection of adequate and proportionate security controls that help to protect information in line with increasingly rigid regulatory requirements such as the GDPR 2016 and the directive on Security of Network and Information Systems (transposed into UK law as the NIS Regulations and the DPA 2018).

So what does this mean?

For our customers, the main benefit is improved customer and business partner confidence. As we align with their requirements, we provide the necessary systems and procedures to help prevent customers’ and Metsec’s commercially sensitive information from getting into unauthorised hands.

The BSI will conduct ongoing assessments on a regular basis. Metsec will have to demonstrate that we are making improvements and keeping up to date with potential information security threats to the business.