Welcome to the April edition of our newsletter.
This month we are focusing on Information Security and ISO 27001, alongside updates on training courses, compliance, and what we’ve been busy with so far this year.
A Busy Start to 2026
It’s been a strong start to the year for QHSE Aberdeen, with continued demand for both our ISO consultancy services and ISO training courses in Aberdeen.
We’ve also recently welcomed new team members to support our growing client base, strengthening our capability across ISO 9001, ISO 14001, ISO 45001 and ISO 27001.
Information Security & ISO 27001
As businesses continue to invest in their systems and digital infrastructure, information security is becoming a key priority.
Protecting sensitive data, maintaining client trust, and demonstrating compliance with GDPR are now essential for most organisations.
For many businesses, becoming registered with the ICO (Information Commissioner’s Office) and gaining Cyber Essentials Certification is an important step, but implementing an ISO 27001 Information Security Management System (ISMS) provides a more structured and recognised approach.
ISO 27001 supports organisations to:
✔ Identify and manage information security risks
✔ Protect business-critical data
✔ Improve internal processes and controls
✔ Demonstrate compliance and build client confidence
Cyber Security & Resilience (NIS) Bill
The Cyber Security and Resilience (Network and Information Systems) Bill continues its journey through Parliament and is expected to introduce one of the most significant updates to UK cyber security legislation in recent years.
While the Bill focuses on essential services and major digital infrastructure, many SMEs will be affected, either directly or through increased expectations across the supply chain.
Who is likely to be in scope?
- Managed Service Providers (MSPs) delivering IT, cyber security, or remote services
- Data centres and critical digital infrastructure providers
- Providers of electricity load control systems (e.g. smart devices, EV charging)
- Digital service providers such as cloud platforms and online marketplaces
- Critical suppliers supporting essential services or infrastructure
Even where organisations are not directly in scope, there will be increased scrutiny from clients, particularly during prequalification, tendering, and supplier evaluations.
What should businesses be doing now?
✔ Assess whether you may be in scope: If you provide IT, cyber security, or digital services, review whether the legislation may apply to you.
✔ Understand your client base: Identify customers who may fall within scope and anticipate their future requirements.
✔ Strengthen information security controls: Organisations will increasingly be expected to demonstrate robust processes and controls. An ISO 27001-aligned management system provides a strong foundation.
✔ Review incident response planning: The proposed legislation introduces requirements for rapid incident reporting (within 24–72 hours). Being prepared is essential.
✔ Be aware of supply chain expectations: Clients are likely to increase audits, due diligence, and contractual requirements.
✔ Engage with your IT provider: If you outsource IT services, it’s important to understand how your provider is preparing and what this means for your organisation.
We can support organisations in developing their information security processes, documentation, and ISO 27001 systems, helping reduce compliance burdens and prepare for both legislative changes and evolving cyber risks.
ISO 27001 Internal Auditor Training
To support organisations with their Information Security Management Systems, we are delivering our:
ISO 27001 Internal Auditor Course (2 Days) 📅 29th April
This course is ideal for those responsible for carrying out internal audits or managing ISO 27001 systems.
If you’re looking to strengthen your internal auditing capability or start your ISO 27001 journey, this is a great place to begin.
📩 Get in touch to book your place. https://www.qhseaberdeen.com/contact-us-iso-qh
Training & Development – Another Busy Period
Training continues to be a key focus for us, with a range of ISO training courses certified by CQI (The Chartered Quality Institute) and IRCA (International Register of Certificated Auditors) being delivered.
Upcoming courses include:
If you’re looking to improve auditing skills, maintain compliance, or support your management systems, we’d be happy to help.
Compliance Focus
With increasing expectations around data protection and cybersecurity, organisations should be reviewing:
✔ Data handling and storage procedures
✔ Access controls and permissions
✔ Information security risk assessments
✔ Staff awareness and training
Taking a proactive approach now can help avoid issues further down the line.
Client Success
We’re pleased to continue supporting our clients in achieving and maintaining ISO certification, with a 100% success rate across all standards.
Our focus is always on delivering practical, workable systems that add value, not just ticking boxes.
Several of our clients passed surveillance and recertification audits this month.
Congratulations to prosource.it (UK) Ltd on their successful recertification to ISO/IEC 27001:2022.
Prosource were early adopters of the updated 2022 standard, choosing to certify as soon as it became available through their certification body, BSI.
Reflecting on their three years of certification, Prosource have found that the rigorous client tenders and due diligence processes required by their large enterprise clients have been significantly simplified. In addition, their head office team are now well-trained and equipped to identify and respond to security events and incidents, helping to reduce overall business risk.
QHSE Aberdeen have partnered with Prosource over the past year, supporting them in streamlining their quality and information security management systems, maintaining compliance, and successfully navigating their certification audits.
Looking Ahead
With new training courses, upcoming ISO updates, and continued client demand, Q2 is already shaping up to be another busy period.
If you’re considering ISO 27001 certification, need support with your information security processes, or want to book onto one of our ISO training courses in Aberdeen, please get in touch.
Final Thoughts
It’s an exciting time at QHSE Aberdeen, and we appreciate the continued support from our clients.
Our office and training facilities are based at Westpoint House, Aberdeen. Feel free to pop in for a coffee or contact us if you need support with any QHSE-related matters.
Until next time, stay safe and committed to continuous improvement.
QHSE Aberdeen

