Please note our content disclaimer in relation to blog posts.
Data is the lifeblood of every organisation we support. That’s why we’re proud to be certified to ISO/IEC 27001:2022 – the latest global standard for Information Security Management Systems (ISMS).
For clients, this means confidence that your data is managed with rigour, transparency, and resilience against evolving threats.
Why ISO 27001:2022 Matters
ISO 27001:2022 replaced the 2013 version with a sharper focus on the risks of today. Key updates include:
- Annex A controls consolidated into 93 streamlined requirements.
- New emphasis on cloud security and supplier due diligence.
- Enhanced focus on data lifecycle management and monitoring.
While many agencies still reference ISO 27001:2013, our certification is aligned with the 2022 revision – ensuring your procurement and compliance needs are fully met.
Security Controls in Practice at Cantarus
Our ISMS translates into safeguards you’ll feel in delivery:
- Access management: least privilege, regular recertification.
- Encryption: in transit (TLS 1.2+) and at rest (AES-256) across hosted platforms.
- Secure development lifecycle: OWASP best practice, code reviews, pen-testing.
- Business continuity & Disaster Recovery: tested backups, documented RTO/RPO.
- Supplier risk management: vetting sub-processors, continuous monitoring.
- Incident response: defined escalation paths, 24/7 breach notification commitments.
Proof of Certification
- Certification body: Peers Quality Assurance Ltd (UKAS accredited)
- Certificate number: QEC/12/5944099370
- Scope: “The provision of comprehensive digital solutions, including web and app engineering, online community platforms, experience design and branding, support and hosting services, data and insight, and consultancy.”
- Valid until: 27/08/2028
