Surface chose to become certified to the ISO/IEC 27001 standard as part of their ongoing mission to support clear, customer-friendly security standards. After setting some future goals for the business, with a core focus on SAM™ it became an obvious requirement for ISO/IEC 27001 to be integrated within the business demonstrating IT accountability to their vendors so they can have peace of mind when using SAM™ software.

Achieving the ISO/IEC 27001 standard involves a three-stage security audit; firstly, carrying out an initial review of the company’s ISMS (Information Security Management System), followed by an in-depth, formal compliance audit to test the company’s ISMS against the ISO required standards. Finally, the company must complete regular follow-up audits to confirm they remain in compliance with the standard. Surfaces’ certification audit assessment was conducted by QMS, an accredited leading international certification body.


Thomas Harrison, Executive Assistant to Directors, said:

“ISO/IEC 27001 certification is evidence to clients that our IT systems are dependable and secure. It is of the upmost importance for us to demonstrate a commitment of our dedication to information security, and provide an assurance that all information is being protected to the highest possible standard. 

Achieving a certification like ISO 27001 offers reassurance to organisations so that they do not have to think twice about their data security with Surface. SAM™ is the future and has the potential to revolutionise the way in which assets are managed. 

As we help companies move away from an “Old-School” approach to inspection, it’s imperative we apply a robust method to secure and manage IT data. I would like to thank Stewart Porter from NOVIQA Ltd. for his support in attaining the standard.”

Stewart Porter, Executive Director at NOVIQA, also commented:

“ISO/IEC 27001 defines a set of best practice information security controls around which businesses can develop an Information Security Management System (ISMS). Established in October 2005 by the International Organization for Standardization (ISO) and the International Electrotechnical Commission, ISO 27001:2005 is designed to ensure businesses are implementing security in a consistent, coherent and cost-effective manner.

Surface have demonstrated, adopted and embraced the ethos of the Standard, and through their positive approach, their enhanced security operating procedures and culture being developed across their Organisation their Business will certainly develop further, ensuring and proving to be an excellent service provider, supplier and partner. 

Congratulations to all the team at Surface on achieving their ISO 27001 Certification and I wish them further continued growth and success over the coming years”.

Back to news