ISO international standards ensure that products and services are safe, reliable and of good quality. For business, they are strategic tools that reduce costs by minimizing waste and errors, and increasing productivity.

One of the strengths of ISO standards is that they are created by the people that need them. Industry experts from over 160 countries drive all aspects of the standard development process, from deciding whether a new standard is needed to defining all the technical content. Both of our ISO certifications are based on the principle of continual improvement. 

A business assesses its current situation, fixes objectives and develops policy, implements actions to meet these objectives and then measures the results. With this information the effectiveness of the policy and the actions taken to achieve it, can be continually reviewed and improved. The adherence to these codes of practice is then demonstrated via independent auditing.

Barnett Waddingham is proud to hold Quality Management (ISO 9001:2015) and Information Security Management (ISO 27001:2013) accreditations and the details of each can be found below:

ISO 9001:2015 sets out the criteria for a Business Management System. It can be used by any organization, large or small, regardless of its field of activity. In fact ISO 9001:2015 is implemented by over one million companies and organizations in over 170 countries. 

The standard is based on a number of quality management principles including a strong customer focus, the motivation and implication of top management, the process approach and continual improvement. Using ISO 9001:2015 helps ensure that customers get consistent, good quality products and services.

An effective management system has many benefits including:

  • more efficient resource use
  • improved risk management
  • increased customer satisfaction as services and products consistently deliver what they promise


ISO 27001:2013 is the only auditable international standard which defines the requirements for an information security management system (ISMS). The standard is designed to ensure the selection of adequate and proportionate security controls.

This standard helps to protect information assets and give confidence to interested parties including an organisation’s customers. The standard adopts a process approach for establishing, implementing, operating, monitoring, reviewing, maintaining, and improving an organisation’s ISMS.

The benefits of an effective ISMS include:

  • identifying risks and putting controls in place to manage or reduce them
  • gaining stakeholder and customer trust that their data is protected
  • demonstrating compliance and gaining status as a preferred supplier
  • meeting more tender expectations by demonstrating compliance



Cyber Essentials certified

The security of our information and those of our clients is paramount. Alongside our ISO certifications, Barnett Waddingham has continued its commitment to further improving information and data security by gaining the Cyber Essentials certification. Backed by the UK Government, Cyber Essentials is becoming a mandatory requirement for many businesses handling sensitive information at moderate to high-level risk.

This standard confirms that our IT systems mitigate the most common internet-based threats, including use of secure configuration, boundary firewalls and internet gateways, access control and administrative privilege management, patch management and malware protection. 

View our Cyber Essentials certification