Banks and Financial Services
E-Commerce
Insurance
Mobile Messaging
Gaming & Gambling
Communication and Service Providers
Identity & Verification Providers
eBooks
News
Case studies
Podcasts
Developers
Viteza
FAQ
About us
Events
Careers
Contact us
Articles

Our Journey to ISO 9001 and ISO 27001 Certification

Nigel Coulson
Security & Compliance Manager
Published on: June 4, 2024

8 min read
A hand holding a certification badge icon, with text reading "Our Journey to ISO 9001 and ISO 27001 Certification" by Nigel Coulson. A "Read Now" button and tmt id logo are present.

“Our journey to ISO 9001 and ISO 27001 certification has been a major milestone. It’s a testament to our dedication to doing things right here at TMT and continuously looking to improve and evolve. As we move forward, we’re just as committed to maintaining these high standards and delivering the best for our customers and partners.” — Nigel Coulson, Information Security Manager, TMT ID

Why we went for it

Getting ISO 9001 and ISO 27001 certification has been something of a long-held ambition for us here at TMT ID.

These certifications aren’t just window dressing — they show we’re serious about security and keeping all the data we process safe and secure.

As a business we rely on large-scale datasets both inside and outside of our core network, and it is therefore business-critical to maintain the highest standards for our data handling and information security.

We are also a business whose client base expects the highest levels of data security and quality of service. We knew we already had robust and effective controls and processes in place, but we needed to be able to challenge this assumption and demonstrate the effectiveness of these controls.

We started our journey with Cyber Essentials and IASME certifications but knew that ISO 9001 and ISO 27001 were the goal.

The ISO standards set the bar for quality management and information security, and we wanted to prove we could meet those very high standards. We also wanted to demonstrate to our customers and partners that we’re dedicated to doing things right and protecting their data.

ISO 9001 and ISO 27001 standards

The ISO 9001 standard is all about having a solid Quality Management System (QMS) — a management system that helps us meet our customer needs and adhere to regulations and best practice whilst always looking to improve. ISO 27001 focuses on Information Security Management Systems (ISMS), making sure we keep all the data that we hold or process safe from any threats.

Initial steps

Our first action was a detailed gap analysis exercise. We needed to see how we measured up against these standards. Armed with this, we put together an Information Security Management System team from across the business — Security, IT, Operations, HR, Legal and our CTO — to lead the charge.

Building our management systems

We set ourselves a set of clear, achievable quality goals that matched our business aims. We mapped out all our key processes, looking for ways to streamline and cut out inefficiencies, and making sure that processes joined up effectively across departments’ documentation. We put together detailed policies, procedures and work instructions to ensure everything was done consistently and reliably. We ensured our customer satisfaction and feedback measures were effective and that where lessons learned were needed, we tracked and implemented them.

We also took a hard look at all the possible risks to our information, assessing how likely and how severe they were, and implementing corrective or mitigation measures to tackle those risks — including improved access control, improved data encryption, integrity checks on backups, and incident management exercises.

We then created clear policies for how to handle information security, from data protection to dealing with incidents, educating our people about best practices and making sure everyone knew how to keep our data safe. We put in place regular exercises to test the effectiveness of our training.

Continuous improvement

With these policies, processes and systems now in place, we had to keep checking and improving them. We achieved this through regular internal audits, supported by our Security Operations Centre partner, who are themselves ISO-certified auditors. Together we audited our systems to find any issues and identify ways to improve. Throughout, we held management reviews to keep those who lead our business informed, and their input helped us stay on track and keep improving. Whenever we found problems — and I’m pleased to report we didn’t find many — we fixed them quickly and made sure they wouldn’t happen again.

Final certification audits

After all of this, the final hurdle was the certification audits, conducted by an external body. We had taken the decision to put all our activities in scope for ISO and consequently our audits took place over a number of weeks with multiple auditors. They went through our systems with a fine-tooth comb, checking everything against the ISO standards. We are delighted to have completed our final Stage 2 audit with zero non-compliance findings. Passing this audit was a huge moment for us — the culmination of a lot of hard work and effort from the entire team here at TMT ID. All our hard work had paid off.

In conclusion

Achieving ISO 9001 and ISO 27001 certification is a significant milestone for TMT ID. It shows we’re committed to delivering top-quality services and keeping our data secure. We firmly believe these certifications will help build confidence with customers and partners alike, with the knowledge that the controls and processes we have in place to manage their data have been scrutinised by a team of professional auditors and found to be effective. Fully aligning our processes to ISO will help us run more efficiently, manage risks better, and foster a culture of continuous improvement across quality and security.

Last updated on June 23, 2026

Contents

Related Articles

Two professionals in a business investment handshake, representing the acquisition of Phronesis Technologies Ltd by TMT Analysis.

TMT ID acquires Phronesis Technologies Ltd

 Digital branding concept: a person holding a smartphone displaying a logo transition, symbolizing the brand evolution of "tmt id" as introduced by victor martinez.

Transforming TMT Analysis into TMT ID: The Brand Evolution

 Promotional banner for 'TMT Talks' featuring an interview with Cameron D'Ambrosi and Fergal Parkinson, highlighted by a graphic of a hand holding a megaphone.

TMT Talks Speaks To Cameron D’Ambrosi

Ready to get started?

We provide the most comprehensive device, network and mobile numbering data available

Contact us > Chat to an expert >