Information Security management – ISO 27001
As a communications and ICT company, BT is trusted to manage data on a global scale. Data governance is about how we ensure BT retains the trust placed in us, by managing data in accordance with the rules and the expectations of those whose data we handle.
Data governance is an umbrella term. It includes: data privacy; data protection; customer data handling; data incidents and reporting; data and information retention; e-privacy; and lawful interception.
Therefore it affects every area of our work, including how we deliver services, implement contracts, manage suppliers, win new business, and lead BT people. BT’s policy on data protection applies company-wide, our mandatory data protection training Courses ensure all our people clearly understand their responsibilities.
Our certification to ISO 27001 demonstrates to customers and prospects alike that BT will protect its data in line with internationally acknowledged information security standards and, as with all of the ISO certifications, compliance is independently assessed every six months.
BT was one of the first companies to recognise the strategic importance of combining ISO 9001 Quality Management with the added assurance of ISO 27001 Information Security. As an international security standard, it provides a model for setting up and running an effective Information Security Management System (ISMS)