Penspen Achieves ISO27001 Certification for Information Security

Penspen, a leading international engineering consultancy, has achieved the prestigious ISO27001:2022 certification – a testament to our unwavering commitment to the highest standards of data protection and information security. 

The ISO27001:2022 certification is recognised globally as the benchmark for information security management systems (ISMS), and demonstrates a company’s ability to protect sensitive information, manage risks effectively, and ensure the confidentiality, integrity, and availability of data. 

Commenting on the milestone, Andrew Bond, Director of Information Technology at Penspen, said: “Achieving the ISO 27001:2022 certification is a significant milestone for Penspen. As the digital landscape continues to change, this achievement demonstrates to clients and partners that we are dedicated to upholding the highest standards of data management and information security. 

“Our commitment to protecting information security goes further than legal compliance – working safely and responsibly is embedded in the way that we operate at all levels of the company and the ISO 27001:2022 certification is testament to that. We’re thrilled to now be able to provide even more confidence and trust for our clients and look forward to continuing to improve.” 

Building on a Strong Foundation 

This latest certification builds on an excellent track record of ISO certification: 

• 9001 – standard for quality management systems 

• 14001 – standard for environmental management systems 

• 18001 – standard for health and safety management systems 

• 45001 – standard for occupational health and safety management systems 

• 50001 – standard for energy management systems 

In 2024, THEIA, Penspen’s digital integrity management software, also achieved this ISO27001:2022 certification, solidifying our commitment to assuring clients across all our service lines that their data is in safe hands. 

What This Means 

For our clients, the ISO27001:2022 certification is an assurance that we have robust processes and controls in place to safeguard their data against potential threats, and that we regularly review and improve our systems to adapt to the changing security landscape. 

• Full details of all certifications held by Penspen as well as our QHSE policies are available on our website.