ISO Standards

ISO 9001 Quality Management

Phoenix Software has extensive experience of quality management systems and we are proud to display our ISO 9001 Certificate of Registration (FS554112). The scope of this registration covers Phoenix Software for software reselling, technical consulting and Software Asset Management.

As a company, we are committed to continuous improvement and to providing our customers with products and services which are enriched with ‘quality’ at the core. Our internal systems have been developed to provide the tools required to ensure maximum efficiency and control over the numerous and complex processes involved our activities.

Trevor Hutchinson, Phoenix Quality Manager, said:

“There were only very minor amendments required in order for our quality management systems to be successfully assessed. All of the quality documents were written around the roles that people were already carrying out. It is reassuring to us as a business and our customers that the systems we have developed over the past twenty five years have now been officially endorsed by BSI in our achievement of the ISO 9001 Quality Management Standard.”

Phoenix Software Quality Policy

Phoenix Software is dedicated to a Quality Policy that ensures that its products and services fully meet the requirements of the customer at all times. The goal of the Company is to achieve a high level of customer satisfaction at all times. Commitment to the implementation of supporting managerial and business operational systems is essential in realising that goal.

Phoenix Software believes in the concept of a customer and supplier working together in pursuing this policy and in the continual striving for improvements in service/supply quality.

The Quality Policy is based on three fundamental principles

  • Ensuring that we fully identify and conform to the needs of our customers
  • Every employee understanding their job and doing it correctly first time
  • Identifying the potential for errors and taking actions to eliminate them

To ensure that the policy is successfully implemented, staff will be responsible for identifying customer requirements and ensuring that the correct procedures are followed to meet these requirements.

Objectives needed to ensure that the requirements of the policy are met and that continued improvement is sought will be set, determined and monitored by the senior management team (Management Review).

The Quality Policy principles and objectives will be communicated and made available to staff at all times. Training will be an integral part of the strategy to achieve the objectives.

Within this policy we are committed to operating our Company utilising the criteria of a QMS conforming to ISO9001; 2008 which is planned and developed with our other management functions.

Phoenix Software is committed to operating to the standard and to maintaining the necessary quality approvals consistent with our customer requirements.

We shall ensure that all of our personnel understand and fully implement our Company policies and objectives and are able to perform their duties effectively through an ongoing training and development programme.

ISO/IEC 27001 Information Security Management

Phoenix Software Limited has a responsibility and strong desire to protect company and employee data. ISO 27001 has given the company a strong and extensive framework to hang our data protection processes on while still ensuring that the data information is made available to the relevant people, that it has integrity and is kept confidential.

ISO27001 has encouraged us to think deeper into data security and not to be complacent about our previous methods and processes by testing our defences and adopting a continual improvement ethos.

Information Security Management Policy

Phoenix Software Limited operates an Information Security Management System that ensures the confidentiality, integrity and availability of the information that is integral to the success of our business. The Information Security Policy encapsulates the processes and responsibilities associated to meeting ISO 27001:2013.

Phoenix Software believes that all employees have a role working within the guidelines of ISO27001:2013 to protect and safeguard the information that is utilised and held within the confines of the business.

The ISMS is based on three fundamental requirements

  • Confidentiality – all business and personal information is deemed confidential and must be treated as such. Information must not be disclosed to third parties unless it is necessary for business purposes
  • Integrity – business information must kept updated and stored correctly
  • Availability – procedures and access rights must be determined and information made available to approved parties

To ensure that the policy is successfully implemented, risks regarding the systems, personnel and processes that affect our business information are assessed and managed accordingly.

Objectives needed to ensure that the requirements of the policy are met and that continued improvement is sought will be set, determined and monitored by the senior management team through the Management Review process.

The Information Security Policy principles and objectives are communicated and made available to staff at all times. Training an integral part of the strategy to achieve the objectives.

We ensure that all our personnel understand and fully implement our Company policies and objectives and are able to perform their duties effectively through an ongoing training and development programme.

Cyber Essentials

Cyber Essentials is a government-backed, industry supported scheme to help organisations protect themselves against common cyber attacks.

Essentially, the Cyber Essentials scheme is a cyber security standard which organisations can be assessed and certified against. It identifies the security controls that you must have in place within your IT systems in order to have confidence that they are addressing cyber security effectively and mitigating the risk from internet-based threats.

The scheme focuses on the following five essential mitigation strategies within the context of the 10 Steps to Cyber Security guide:

  • Boundary Firewalls and Internet Gateways
  • Secure Configuration
  • Access Control
  • Malware Protection
  • Patch Management

Phoenix Software achieved the Cyber Essentials certification in September 2016 by ensuring that it had an adequate firewall deployment, documenting access control to company resources and then importantly securing all its systems on a regular basis with the use of patches, anti-malware and anti-virus products. By focusing on all these areas, Phoenix Software can guarantee to its customers and partners that it is actively working to reduce the risk of its data becoming compromised and its systems being hijacked by internet-based threats.