With a growing number of threats and risks facing businesses every day, it’s never been more crucial to have a proper system in place to mitigate and manage issues when they crop up. A variety of ISO Standards can help businesses to do just that! And we’re seeing an ever-increasing trend of requests for Integrated Management Systems, which combine multiple ISO certifications to cover every aspect of their business. Such is the case with today’s guest, Todd Research. Todd Research have been in the business of designing, manufacturing and supplying X-ray scanners for 70 years. They have since expanded their product range to include other solutions, all designed to detect suspect devices. We’re joined by Caroline Banks, Support Manager at Todd Research, to learn about why they decided to implement ISO 9001 (Quality Management) and ISO 27001 (Information Security), including an insight into their experience with our ISO 14001 coaching programme, hosted on the isologyhub. You’ll learn ●      Who are Todd Research? ●      Why did they choose to Implement ISO 9001 and ISO 27001? ●      What challenges did they face? ●      The benefits of ISO 9001 and ISO 27001 ●      Their experience with our ISO 14001 coaching Programme   Resources ●      Todd Research ●      isologyhub ●      ISO 9001 ●      ISO 27001     In this episode, we talk about: [00:37] An introduction to Todd Research and Caroline Banks’ role as Support Manager there. [01:20] What is something not many people know about Caroline? She’s taken up running and started with the couch to 5K. She later completed a half-marathon in the same year, and has since gone on to finish 21 more half-marathons and 2 full ones!   [02:27] Who are Todd Research? They were founded in 1950, designing, manufacturing and supplying X-ray scanning equipment. They also provide service and maintenance for their devices worldwide. [03:11] What Standards are they certified to? ISO 9001 (Quality Management, inherited from a previous company) and ISO 27001 (Information Security Management) [03:48] What was the main driver for achieving ISO 9001 and ISO 27001? – For ISO 9001 – As a manufacturing company, they want to ensure that they can provide the best quality in terms of product and service. For ISO 27001 – This was more sales driven and was being requested in a lot of tenders, particularly Government tenders.   [04:35] How did Caroline manage an inherited Quality Management System? – Caroline completely revamped the inherited Management System, making it their own and adapting it to suit how they currently run their business. It involved a lot of review and removal of unnecessary documentation, with the end result of streamlining the whole system. They also appreciated a 3rd party coming into review and assist with the process. After moving to a new premises, they are still continually Improving system year on year. [06:25] How long did it take to achieve certification to ISO 27001? – They started in April 2021 with a Gap Analysis and gained certification in September 2021 (6 months in total). As they already held ISO 9001, they made the decision early on to integrate the two Standards into a Business Management System. [07:50] What was the biggest gap found after the initial ISO 27001 Gap Analysis? – The biggest challenge for Todd Research was carrying out the Risks Assessments. Getting Directors involved in the review of Standards and agreeing what risks applied to them took the most time in the early stages. [09:00] Caroline’s experience with ISO 27001 – While she had experience with ISO 9001, ISO 27001 was a whole new ball game. There are a lot of risks associated with Information Security including, phishing, malware, risks to hardware ect. This was all new territory for Caroline, but she adapted and learned a lot along the way. [09:50] What difference has the Management System made to the business? – It’s unique to them and their way of working, especially as a result