Performance in People enhance data security with ISO 27001:2022 certification

 

 

 

Industry: Customer Experience

Employees: 35,000+

Head Office: Isle of Wight

Areas covered: ISO 27001:2022 upgrade

Data security is imperative to Performance in People’s success and growth, as they manage large volumes of data for major UK brands.

To maintain robust data protection, Performance in People sought to transition from their ISO 27001 certification to the latest version, ISO 27001:2022.

Who are Performance in People?

Performance in People are the largest UK mystery shopping company providing a range of services to improve customer experience and sales performance. They work with world-class brands in the automotive, retail, hospitality and house building sectors, and deliver more than 5,000 mystery shops every month.

How have we supported them?

We started working with Performance in People in 2017 to achieve the ISO 27001 certification, which is a globally recognised standard designed to help organisations manage their Information Security.

Since then, we have supported them in upgrading to the latest version of the certification (ISO 27001:2022). We have achieved this through:

• Providing awareness training in relation to the key changes
• Provision, review and update of an ISO 27001:2022 transition checklist, to support in the identification of key gaps
• Providing guidance on implementing new controls in key areas such as: requirements for cloud exit strategies, threat intelligence and secure coding
• Updating core documentation to reflect how Performance in People meet the new requirements
• Supporting and attending Performance in People’s external transition process with Alcumus ISOQAR

How have they benefited?

Performance in People successfully transitioned to ISO 27001:2022 in March 2024, further assuring their clients and business stakeholders that they can have confidence in the way Performance in People operate in relation to information security.

What is the ISO 27001:2022 transition period?

The transition period for ISO 27001:2022 began on October 31, 2022, and it ends on October 31, 2025. During this time, organisations that have achieved the ISO 27001:2013 certification have three years to transition to the new standard. From May 1, 2024, all new certifications must follow the ISO 27001:2022 standards, and all recertification audits are advised to adopt this edition as well. So, make sure to plan your transition accordingly! 

Want to get certified?

Our highly experienced team specialise in solving compliance challenges, driving forward ISO certification, sustainability and other improvement initiatives.

Get in touch to find out more.