When it comes to security and assurance, Civica Services is second to none!
At Civica your security is our priority and Civica cloud services come with the highest standards in security, compliance and quality assurance. We have a team of experts from across the business who drive our systems and processes forward, for the benefit and assurance of our customers and to ensure continuous improvement. That best practice is incorporated into our day-to-day operations.
Information Security – ISO 27001
ISO 27001 is an internationally recognised best practice framework which helps companies identify the risks associated with important information and enables the appropriate controls to be put in place to help reduce this risk.
Civica Cloud & Managed Services have achieved certification since 2009 and upgraded to the latest version (2013) of the standard in 2015. Continued compliance with this standard is ensured by regular external audits and inspections and support by senior management within Civica.
Civica is committed to complying with the ISO 27001 standard and ensuring the confidentiality, integrity and availability of information. Civica Security Policies are firmly in place to minimise the impact of security incidents and/or prevent them altogether, delivering peace of mind to the customer.
IT Service Management – ISO 20000
Civica Cloud & Managed Services achieved certification for ISO 20000, the service management system (SMS) standard, in September 2014. This re-enforces our commitment to high quality IT Management standards and high quality services to organisations of all sizes.
Compliance requires providers to demonstrate that they can plan, establish, implement, operate, monitor, review, maintain and improve the SMS in order to design and deliver services to meet agreed customer requirements. This ensures our customers can have complete confidence in the IT management and service we deliver to them.
Business Continuity - ISO 22301
The ISO 22301 certification ensures Civica has a management system in place to protect against, reduce the likelihood of, and ensure that the business recovers as swiftly as possible from disruptive incidents. This means that Civica are able to identify threats relevant to it's business and their impact on critical business functions. Therefore customers can have confidence that Civica are prepared for a disruptive incident and are able to return to ‘business as usual’ as quickly as possible.
Payment Account Data Security - PCI-DSS
PCI-DSS is the Payment Card Industry Data Security Standard, and is a worldwide standard set up to help businesses process card payments securely and reduce card fraud. It does this through tight controls surrounding the storage, transmission and processing of cardholder data that businesses handle. PCI DSS protects sensitive cardholder data, alleviating security and fraud concerns for our customers.
Civica hosts PCI-DSS compliant payment systems for a number of public and private organisations and are externally audited on an annual basis to ensure continued compliance.
Secure Hosting of NHS Services – IGSOC N3
The Information Governance Statement of Compliance (IGSoc) is the process by which organisations enter into an agreement for access to the NHS National Network (N3). The IGSoc process sets out an auditable range of security related requirements which must be satisfied in order to provide assurances in respect of safeguarding the N3 network and information assets that may be accessed. Utilising ISO 27001 security controls, this process is completed annually by Civica, which means IGSoc requirements are met, ensuring compliance and the upmost security for our customers.
Quality – ISO 9001
As the world’s most recognised quality management standard, ISO 9001 is based on a number of quality management principles including a strong customer focus, top management commitment, a process approach and continual improvement.
As a company dedicated to the delivery of market leading products and services, Civica’s customer focused QMS provides a best practice framework and continuous improvement approach. Driven through our Quality Policy and Procedures, Civica are committed to the ongoing monitoring and review of the QMS enabling best practice to be incorporated into our day-to day operations.
Environmental – ISO 14001
ISO 14001 is an international standard that helps reduce a company’s environmental impact as well as promoting a sustainable business.
Civica’s Environmental Policy provides a strong and clear framework which our environmental initiatives are based upon. Working with our customers, suppliers, partners and employees, Civica look to recognise and reduce the environmental impact on operations both internally and externally.
Occupational Health & Safety – OHSAS 18001
As an internationally recognised best practice framework for Occupational Health & Safety, OHSAS 18001 assists companies in establishing the policies, procedures and controls needed to achieve the best possible working conditions.
Civica is committed to promoting a safe and healthy working environment for all employees through the implementation of safe systems of work. Our Occupational Health & Safety Policy outlines our commitment to health and safety which is enabled through the engagement of our employees, contractors and visitors. Providing the correct working environment for our employees, allows them to deliver and meet our customer needs to the highest standards.