EPCC passes ISO 27001 Information Security and ISO 9001 Quality audits

EPCC recognises the importance of a process-led approach to the delivery of National Tier-1 and Tier-2 services such as ARCHER, ARCHER2 and Cirrus. The implementation of an ISO 9001-based Quality Management Systems has provided a framework to ensure that the services delivered meet user and customer requirements. It requires that service improvements are identified and the impacts of their implementation tracked, ensuring that the improvement is effective.

An example of effectiveness of this approach can be seen through the scenario tests used by EPCC to test service resilience to major incidents and disasters. Examples of having to work remotely following a building fire, and of having the service team numbers decimated by a food poisoning outbreak, were enacted and improvements identified were documented as a part of the service delivery processes. The impact of this work can be demonstrated in the current ability of the services to be able to be delivered successfully with staff working remotely from home. 

With the increasing importance of data analytics and data science, we have a long-term aim of becoming a leader in the secure hosting and management of huge and varied datasets to support data research. Key to the success of EPCC in providing data services is trust from our customers that we provide best practice in information security and data handling. ISO 27001certification provides a framework to deliver this best practice and demonstrates our achievement to our customer and user base.