ISO27001 and ISO9001
CESPHN is undertaking certification against the ISO 27001 Information security, cybersecurity and privacy protection — Information security management systems and ISO 9001 Quality Management Systems standards to improve the security of our information assets and to ensure quality management processes are embedded across all CESPHN activities.
Key highlights include:
- Development of new policies and procedures to ensure the security of our information and systems
- Development of new classification and labelling procedures to ensure the integrity, confidentiality and availability of information
- Development of new procedures in relation to procurement and third-party contracts with Cloud Service Providers and Commissioned Service Providers
- All core activities/processes mapped across CESPHN to streamline processes and ensure continuous quality improvement
- A focus on competencies and training in information security and quality management
Staff are tracking well towards internal audit in November 2025 and external audit in the first half of 2026.
