Company Spotlight: Quadra Consulting
1) For those who might not know what Quadra does, can you tell us a bit about your services?
Quadra, established in 1991 and based in Holywood, Co. Down, and Dublin, is a global leader specialising in assisting clients to achieve and maintain certification to a wide range of ISO related management system standards. ISO standards are common place in many businesses nowadays and greatly assist in; developing corporate reputations and credibility, establishing competitive advantages and helping businesses improve tender success and grow in general. Our team of specialists implements management systems to the requirements of ISO standards such as Quality Management, ISO 9001, I.T. Service Management ISO 20000, Business Continuity ISO 22301 and Information Security Management, ISO 27001, amongst other well-known standards. We provide training and associated support services to ensure our clients are always maintaining best practice.
2) Cyber-security is becoming increasingly important, especially with things like GDPR imposing severe penalties for data breaches. How can ISO 27001 certification protect a company from those risks?
Firstly, having an Information Security Management System in place does not guarantee that a data breach will not take place, or that you will not receive a fine. HOWEVER, not having one in place will massively increase the probability of a data breach occurrence and can be potentially disastrous for companies, notwithstanding the damage to reputation, the heavy penalties laid down by the likes of the Information Commissioner’s Office must also be considered.
High profile cases such as British Airways’ data security breach and subsequent £183m fine, have shown the hazards of not establishing a robust framework for the management of information security risk in your business. Having an Information Security Management System in place to the requirements of, for example, ISO 27001, provides customers with an assurance that the service provider operates a robust information security structure and framework.
Other than the obvious advantage in that certification is an independent review of your organisation’s security structures, there are numerous benefits to having an accredited ISMS
3) Quadra assists clients to achieve ISO standard certification across a wide range of fields. Which certifications should Northern Ireland's tech companies be looking at other than 27001?
There are a variety of ISO standards available that are suitable for technology companies regardless of size or number of employees. Quadra work with micro-companies right up to companies with several thousand employees in the Tech space in Ireland including Adaptive Mobile, Seopa, The App Builder, Aetopia and Tascomi to implement Information and Cyber Security standards. Other common standards suitable for tech companies include ISO 20000 I.T. Service Management ; ISO 22301 Business Continuity Management and ISO9001 Quality Management. The importance of the likes of holding probably the best-known standard, ISO 9001 Quality Management, should not be underestimated either, as can really assist in winning new business and establishing quality standards within a business.
We are also seeing a growth in companies seeking to implement either the basic Cyber Essentials (self-certified) or Cyber Essentials Plus (externally certified) badges, which can also assist companies to win new business, particularly from within the Government sector. We have been assisting companies to identify vulnerabilities in their systems, gaps in information security controls and providing best practice guidance to ensure their passage through the certification process is straightforward. Other than the obvious advantages of having I.T. technical controls in your business in good working order, being able to add a Cyber Essentials logo to your website to advertise your information security credentials establishes trust amongst the customer and client base.
4) Is often seen as something only large companies bidding for massive contracts need. What would you say to the smaller firms and start-ups in the NI tech scene about the value of certifications?
This is a commonly held misconception about ISO implementation. Regardless of size, every company can gain benefits from what ISO certification can provide. Some certifications are even better suited to smaller to medium-sized companies. There is also a lot of financial assistance available to help smaller companies both implement and become certificated to ISO standards, from the likes of Invest Northern Ireland, and the whole process need not be an expensive investment for any company deciding to obtain certification. If you are a small company in a mature, saturated marketplace looking to our grow your competition and looking for lucrative work, implementing management systems to ISO standards are an ideal way to get ahead of the competition and get your company spotted during the likes of tendering exercises. The benefits far outweigh both the initial investment and the potential risks involved in not considering ISO standard implementation for your business.
5) Can you give us an example of a significant success story about how ISO certification has helped an NI tech business?
Quadra have been working with N.I. businesses for almost 30 years and for the past 20 years have been assisting companies to implement Information Management Security Systems to the requirements of ISO 27001 and its predecessor, BS 7799. Typically, many companies seek our assistance to implement management systems to the requirements of ISO standards as it is a prerequisite for tenders, so, Quadra would like to think we have been able to assist literally 100s of companies to achieve success. Too many to mention!
6) Is there any other message you'd like to get out there to the NI tech community?
It's no secret that the NI Tech industry is booming and has been for several years now. In order to maintain that momentum, more and more companies will have to look at desirable export markets to sell their products and services into in order to grow. Competition is fierce in most marketplaces and having certificated ISO Standards can assist in making the difference in your company winning a lucrative piece of work or coming away empty-handed after so much effort.
If you feel ISO standards would benefit your company and you would like to have an initial conversation with one of our team, we would be delighted to speak with you on +44 28 90 423222 or you can email info@quadraconsulting.com
