Blue Crystal Solutions nets dual ISO certifications

Blue Crystal Solutions has earned two ISO certifications after going through a comprehensive external audit.

The IT service provider is now ISO 9001 certificated through ISO 9001:2015 for quality management systems. It has also received the ISO/IEC 27001:2022 certification is for information security management systems.

Assisting the managed service provider in acquiring these certifications was ISO365 as its virtual CISO and Compass Assurance Services as an independent external auditor.

EDGE 2025

Blue Crystal said the certifications recognise its implementation of “robust quality management processes and a rigorous information security management system across its operations”. This covers consulting, project delivery and support for clients across government, education, utilities and enterprise sectors.

It also said the certifications come at a “pivotal moment” for the service provider as it moves deeper into data-centric services, like private large language model (LLM) deployments and modern data platforms.

Blue Crystal is also looking to expand further into defence and other sectors requiring secure solutions.

“Achieving ISO 9001 means our clients are guaranteed reliable outcomes, fewer defects and smoother engagements” said Blue Crystal managing director Vito Rinaldi.

“With a full complement of local consultants to support our clients, this is something we have always been able to deliver, and this certification just makes it official.”

Obtaining both ISO certifications involved a company-wide initiative that started with a comprehensive gap analysis and risk assessment. This was followed by process refinement and documentation across all teams and then ended in a rigorous independent audit.

The ISO 27001 certification in particular required Blue Crystal to maintain a live risk register that tracks threats; operates within a framework of 93 controls that safeguard information confidentiality, integrity and availability; and monitors, reviews and enhances security performance year after year.

“The certifications run for three years, but our commitment is daily,” added Blue Crystal general manager Emil Augustine. “Annual surveillance audits, a full recertification in year three and our own ongoing internal reviews keep us fully compliant and always improving.”

Blue Crystal’s dual certifications come months after it promoted senior account executive Josh Woolston to national sales manager.