ISO certification critical as payroll legislation hots up

20th December 2017

ISO certification is becoming increasingly critical in a new dawn for payrollers in 2018, with multiple ways in which mistakes can be punished. With legislation across payroll and HR at an all time high, and with the immensity of compliance to GDPR coming in May 2018 certification demonstrating effective control are becoming increasingly important.

IRIS FMP completed re-certification in December 2017 for ISO 27001:2013, ISO 9001:2015 , ISO 14001:2015, and ISO 22301:2012

ISO certification can be a useful tool to add credibility, by demonstrating that your product or service meets the expectations of your customers. For some industries, certification is a legal or contractual requirement.

ISO 27001:2013 certification is a great way for payroll teams to demonstrate their commitment to information security and any good payroll outsourcing company should have this by default.

Certification specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organisation. It also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organisation.

If your payroll company doesn’t have this certification alarm bells should be ringing.

ISO 9001:2015 and ISO 22301:2012 can demonstrate the quality of management systems and business continuity. The ISO 9001:2015  standard is based on a number of quality management principles. These include a strong customer focus, the motivation and implication of top management, the process approach and continual improvement.

ISO 22301:2012 specifies requirements to plan, establish, implement, operate, monitor, review, maintain and continually improve a documented management system. This system should protect against, reduce the likelihood of occurrence, prepare for, respond to, and recover from disruptive incidents when they arise. With payroll data under continual threat of theft, the recovery of data and protection following an incident should be a high priority.

The need to demonstrate your commitment to robust systems and procedures and the protection of payroll data in 2018 should be a top priority as we enter the New Year. If your payroll provider cannot give you the assurance you need then perhaps it’s time to change.