ISO Standards

ISO 9001 Quality Management

Phoenix Software has extensive experience of quality management systems and we are proud to display our ISO 9001 Certificate of Registration (FS554112). The scope of this registration covers Phoenix Software for software reselling, technical consulting and Software Asset Management.

As a company, we are committed to continuous improvement and to providing our customers with products and services which are enriched with ‘quality’ at the core. Our internal systems have been developed to provide the tools required to ensure maximum efficiency and control over the numerous and complex processes involved our activities.

Trevor Hutchinson, Phoenix Quality Manager, said:

“There were only very minor amendments required in order for our quality management systems to be successfully assessed. All of the quality documents were written around the roles that people were already carrying out. It is reassuring to us as a business and our customers that the systems we have developed over the past twenty five years have now been officially endorsed by BSI in our achievement of the ISO 9001 Quality Management Standard.”

Phoenix Software Quality Policy

Phoenix Software specialises in end-to-end IT infrastructure solutions including software asset management, software licensing, licence-management-as-a-service, hardware and devices, managed services, cloud services, data storage, data centre infrastructure management, enterprise software, servers, network security, unified communications and virtualisation.

Phoenix Software services Public Sector including NHS, Charites, Housing, Education and Corporate. This service can be affected by economic factors relating to budgets, legislative, social and environmental factors that are important to the relevant sectors.

As new technology emerges it is key that Phoenix Software offers up-to-date and relevant information to ensure customer satisfaction, retention and licencing compliance.

The Company aims, objectives and strategic direction adopted and believed in by the management are reflected in ‘Our Five Essentials’:

  • Deliver the best end-to-end customer experience
  • Understand, map onto and deliver against our customers core strategies
  • Maximise Phoenix Software’s whole portfolio, driving all aspects of our solutions
  • Plan for the future “three years out”, creating an evolving adaptable plan
  • Make Phoenix Software a great place to work

Phoenix Software is dedicated to a Quality Policy that ensures that its products and services fully meet the requirements of the customer at all times. The goal of the Company is to achieve a high level of customer satisfaction at all times. Commitment to the implementation and use of a Quality Management System supporting managerial and business operational systems is essential in realising that goal.

Phoenix Software believes in the concept of a customer and supplier/interested parties working together in pursuing this policy and in the continual striving for improvements in service/supply quality.

The Quality Policy is based on four fundamental principles:

  • Ensuring that we fully identify and conform to the needs of our customers
  • Every employee understanding their job and doing it correctly first time
  • Identifying the potential for errors and taking actions to eliminate them
  • Ensuring that the QMS enables the Company to achieve its business strategy

To ensure that the policy is successfully implemented, staff will be responsible for identifying customer requirements and ensuring that the correct processes are followed to meet these requirements.

Objectives needed to ensure that the requirements of the policy are met and that continued improvement is sought are set, determined and monitored by the top management team (Management Review). Phoenix Software believe that leadership and commitment from the top management is critical to the success of the QMS.

The Quality Policy principles and quality objectives are communicated and made available to employees and any other interested parties at all times. Training and awareness are an integral part of the strategy to achieve the quality objectives.

Within this policy we are committed to operating our Company utilising the criteria of a QMS conforming to ISO9001; 2015 which is planned and developed in conjunction with our other management functions utilising a risk/opportunity based thinking approach.

Phoenix Software is committed to operating to the standard and to maintaining the necessary quality approvals consistent with our customer requirements.

ISO/IEC 27001 Information Security Management

Phoenix Software Limited has a responsibility and strong desire to protect company and employee data. ISO 27001 has given the company a strong and extensive framework to hang our data protection processes on while still ensuring that the data information is made available to the relevant people, that it has integrity and is kept confidential.

ISO27001 has encouraged us to think deeper into data security and not to be complacent about our previous methods and processes by testing our defences and adopting a continual improvement ethos.

Information Security Management Policy

Phoenix Software Limited operates an Information Security Management System that ensures the confidentiality, integrity and availability of the information that is integral to the success of our business. The Information Security Policy encapsulates the processes and responsibilities associated to meeting ISO 27001:2013.

Phoenix Software believes that all employees have a role working within the guidelines of ISO27001:2013 to protect and safeguard the information that is utilised and held within the confines of the business.

The ISMS is based on three fundamental requirements

  • Confidentiality – all business and personal information is deemed confidential and must be treated as such. Information must not be disclosed to third parties unless it is necessary for business purposes
  • Integrity – business information must kept updated and stored correctly
  • Availability – procedures and access rights must be determined and information made available to approved parties

To ensure that the policy is successfully implemented, risks regarding the systems, personnel and processes that affect our business information are assessed and managed accordingly.

Objectives needed to ensure that the requirements of the policy are met and that continued improvement is sought will be set, determined and monitored by the senior management team through the Management Review process.

The Information Security Policy principles and objectives are communicated and made available to staff at all times. Training an integral part of the strategy to achieve the objectives.

We ensure that all our personnel understand and fully implement our Company policies and objectives and are able to perform their duties effectively through an ongoing training and development programme.

Cyber Essentials

Cyber Essentials is a government-backed, industry supported scheme to help organisations protect themselves against common cyber attacks.

Essentially, the Cyber Essentials scheme is a cyber security standard which organisations can be assessed and certified against. It identifies the security controls that you must have in place within your IT systems in order to have confidence that they are addressing cyber security effectively and mitigating the risk from internet-based threats.

The scheme focuses on the following five essential mitigation strategies within the context of the 10 Steps to Cyber Security guide:

  • Boundary Firewalls and Internet Gateways
  • Secure Configuration
  • Access Control
  • Malware Protection
  • Patch Management

Phoenix Software achieved the Cyber Essentials certification in September 2016 by ensuring that it had an adequate firewall deployment, documenting access control to company resources and then importantly securing all its systems on a regular basis with the use of patches, anti-malware and anti-virus products. By focusing on all these areas, Phoenix Software can guarantee to its customers and partners that it is actively working to reduce the risk of its data becoming compromised and its systems being hijacked by internet-based threats.