Experian Data Quality (Experian DQ) is a leading provider of data quality and international address management software. Over 8,500 customers worldwide use its flagship QuickAddress solution suite, including Ford, Sony, Saab, Interflora and Birmingham City Council.

QuickAddress lets companies capture and verify address data quickly from just a postcode or partial address. It automatically cleans and maintains address information to ensure data quality.

Security breaches cost British businesses in excess of £18 billion last year, making data protection a serious challenge for every organisation. Experian DQ realised that, to unlock the next stage of its business development, ISO 27001 accreditation would be essential.

ISO 27001 is one of the most widely recognised security standards in the world. The accreditation would give Experian DQ a valuable set of measures and controls for implementing an enterprise-wide information security policy.

That, in turn, would have a range of business benefits, as Warwick Taylor, Experian Data Quality IT Manager, explains:

“We understood that ISO 27001 was a necessary part of our product development. We also believed that it would help prove to our customers that our data can be trusted and would help strengthen our industry perception as a quality data solutions provider.”

Accreditation would be a major undertaking and Experian DQ quickly realised that they needed outside help. The business invited a number of companies to tender and chose Codestone because of its reputation for speed, accuracy and a partnership approach.

“Codestone provided a very compelling proposition that fitted in with our plans,” says Taylor. “No one else we evaluated specialised so closely on security or came close to offering such a speedy accreditation period.”

Codestone’s first task was to implement a comprehensive information security management system (ISMS), as defined in the ISO 27001 standard. The ISMS aims to manage and mitigate threats, identifying and fixing vulnerabilities in people, processes and systems.

The ISMS process included a thorough investigation of Experian DQ’s business and organisational strategy, followed by a business-wide security audit to identify potential threats and vulnerabilities. A risk assessment process prioritised threats and agreed a mitigation strategy.

The end result was the ISO 27001 policy document, showing how Experian DQ could operate their environment, systems and networks in the most secure way.

Within 60 days of the consultancy, Experian DQ passed the BSI inspection at first attempt, becoming an ISO 27001 certified business. Taylor attributed this success to Codestone’s thorough and client-focused approach.

“I believe that this was achieved so quickly because Codestone committed 50% of its time to gaining a complete understanding of how our business worked,” he adds.

Accreditation has quickly proved its worth. It has provided a route to new data sets and subsequently new products, offering additional revenue streams for the company.

“By helping us to achieve our objectives within three months, we have been able to include new data sets into our product portfolio and expand the functionality of our offering. We have saved at least nine months by doing it in partnership with Codestone,” saysTaylor.

ISO 27001 certification is not a once-and-done process, and BSI assessors will conduct periodic reviews to make sure standards are maintained. Taylor says the company will happily enlist Codestone’s help in ensuring continuing accreditation.

Codestone’s Cybersecurity services are designed to protect businesses from known and emerging threats, giving leaders the confidence to innovate, expand and drive their organisations forward.

Click here for more on Codestone’s Cybersecurity services.