This week, Fonto has been certified for both ISO 9001 and ISO 27001. Thom Lejewaan, IQMS coordinator of Fonto, tells us about the certification.
Integrated Quality Management
Fonto considers Quality Management (ISO 9001) and Information Security (ISO 27001) as two inseparable aspects of its management system. Security is one of the most important aspects of quality for Fonto. And vice-versa, systematically controlling quality is the most robust way to prevent security vulnerabilities.
“As we look at both aspects in an integrated manner, we decided to establish one single system, which we call the Integrated Quality Management System or IQMS”, Thom explains. “This also implied that we chose to aim for certification for two standards (ISO 9001 and ISO 27001) in one go – which certainly didn’t make things easier, but now has the big advantage that we can build on the basis as we wanted it to be”.
The scope of the Fonto IQMS is the design, development, release, maintenance and licensing of content authoring software, as well as the support and services related to content authoring software.
A robust basis for growth
For a great deal, preparing the IQMS for ISO certification meant formalizing processes that were already in place. “Customers will likely not experience substantial changes when working with us, but the IQMS answers the need expressed by clients to formally show how quality and security are guaranteed in a sustainable manner”.
Much of the value of the IQMS lies in the robust basis that Fonto can now further build upon. There will be continuous monitoring of performance and improvements, and there will be a yearly internal and external audit. “We are a company that grows rapidly, and the IQMS ensures our customers that while we grow, quality and security will be as stable as our customers are used to today”, Thom adds.
The ISO 9001 standard – Quality management
“ISO 9001 sets out the criteria for a quality management system. This standard is based on a number of quality management principles including a strong customer focus, the motivation and implication of top management, the process approach and continual improvement. These principles are explained in more detail in ISO’s quality management principles. Using ISO 9001 helps ensure that customers get consistent, good-quality products and services, which in turn brings many business benefits.”
The ISO 27001 standard – Information security management
“ISO/IEC 27001 is widely known, providing requirements for an information security management system (ISMS). Using them enables organizations of any kind to manage the security of assets such as financial information, intellectual property, employee details or information entrusted by third parties.”