- Find a home
-
Customers
- Welcome to Thirteen
- Frequently Asked Questions
- My Thirteen site
- Paying rent and charges
- Report it
- Find out
- Advice and support
- Get involved
- Leaseholders and shared ownership
-
Services for all
- Housing for vulnerable and older people
- Care and support
- Homelessness support
- Employment support
- Domestic abuse support
- Mental health support
- Support for ex-offenders
- News
-
About us
- Strategy, vision and values
- Governance
- Investor relations
- How we are performing
- Our policies
- Procurement
- Wayleaves, Easements, Permits to Work and Adaptations
- Environmental sustainability
- HiLab housing innovation lab
- Social investment and sustainability
- Board directors
- Committee Members
- Leadership team
- One billion pound investment
- Jobs
- Contact us
Thirteen gains ISO status
Housing organisation Thirteen has gained the prestigious ISO27001 accreditation for its work to manage information and keep data secure.
17 Jan 2022
ISO27001 is the international standard for information security and risk. It assesses the systems and processes that organisations have in place to manage and improve how information and data is kept secure.
Hassan Bahrani, head of IT at Thirteen, led on the accreditation project. He said: “Applying for ISO27001 was a really rigorous process that involved people from right across Thirteen.
“We hold a wide range of data, which includes very sensitive information about customers and other people we work with. So it’s essential that we have robust systems and processes in place to keep this data safe.”
To assess its progress, Thirteen asked assessors from SGS United Kingdom Ltd to audit its processes and systems. The assessors met with staff from teams throughout Thirteen to build a picture of how information is managed in the organisation.
From October 2021, assessors from SGS interviewed staff, examined policies and processes, and scrutinised the ways that Thirteen stores and manages its data.
The ISO/IEC 27001 auditor from SGS, said: “I was really pleased and impressed with Thirteen’s systems, in particular the automation, how the systems are used, and good practice within the project management governance.
“It was also good to see great use of automated workflow tasks and the overall information security management system was at a high standard, so ISO/IEC 27001 certification is recommended.
“I’d like to thank Thirteen’s staff for their openness and assistance during this audit.”
Thirteen has done a lot of work over the past few years to put measures in place to manage information securely. And every member of staff has played a part – from completing regular e-learning courses to implementing new systems that manage the information the organisation holds.
Hassan continued: “It’s vital we have this accreditation as it confirms that we have the right systems and policies in place to protect the data we manage.
“This will help us retain some important contracts and gives us the opportunity to bid for new work in the future, so it’s fundamental to the development of our business over the next few years.”
In addition to the management of its information, the assessors also looked at security measures for Thirteen’s buildings and facilities, HR processes, communications and purchasing practices.
They also talked to staff as part of random awareness interviews where they were asked about how data security plays a part in their role.