Information Security and Data Protection

Information Security is of utmost importance to Thorogood which is why we are proud to be ISO 27001 certified and committed to ensuring continuous improvement of our Information Security Management System.

Our business is based on the handling of data and information. Our Information Security Management System preserves the confidentiality, integrity, and availability of information throughout our organization, and information that we handle on behalf of our customers.

All employees are educated in security best practices. We have an established process around the management of risk, asset management, acceptable use of assets, access rights, network security, incident reporting and logging, physical security, cryptography, managing change and ensuring information security within our own supply chain.

Thorogood is committed to the protection of personal data. As well as being ISO 27001 certified we are also GDPR compliant in our operations, and all employees are trained in data protection and GDPR.

At the outset of every client project, an Information Security Risk Assessment is completed by the Account Team to ensure that particular information security and data protection considerations for that customer and project are surfaced and addressed.

As a professional services firm, we make it our business to handle our customers’ data with the greatest of care. Being ISO 27001 certified demonstrates the strategic importance of information security and data protection to our organization and gives confidence to interested parties that Thorogood is a secure firm to work for and with.