Blue Connections IT makes operational improvements with new certification

Blue Connections IT has achieved ISO/IEC 27001:2022 certification for information security management systems (ISMS) to bolster its security practices for clients, operations, and supply chain.

The two-year effort was led by Blue Connections IT’s chief information officer (CIO) Cameron Crofts and involved every department achieving the certification.

The process began in early 2022, with Blue Connections IT aligning and releasing its internal processes to comply with the latest standard released in October of that year.

This ensured the certification would meet future needs and remain relevant as security threats continue to evolve.

Key updates included centralising IT management, restructuring operations, forming a dedicated security operations (SecOps) team, and conducting company-wide training.
 
Blue Connections IT conducted rigorous testing of its disaster recovery protocols throughout the process, documenting, testing, and continually refining these practices.

CIO Cameron Crofts said Blue Connections IT approached this process as an opportunity to formalise, test and continuously improve security practices across the business.

 “For some businesses, ISO/IEC 27001:2022 certification is a compliance exercise,” he said. “For Blue Connections IT, it was an opportunity to implement operational improvements that deliver lasting value, such as formalising vendor management and strengthening processes for handling cyber events.”

The certification also underscores a cultural shift within Blue Connections IT, with employees across all levels educated in security awareness from their involvement.

Blue Connections IT CEO Gordon Brownell said every department played a vital role in meeting the rigorous requirements and contributing to a strong security posture while delivering ongoing value to clients.

Blue Connections IT plans to pursue additional certifications to further strengthen its security framework and support its clients’ security objectives with its ISO/IEC 27001:2022 certification now in place.