ISO Certifications

BS EN ISO 9001:2015 Compliance

Brookes is certified as compliant to BS EN ISO 9001:2015 by the British Assessment Bureau (certificate number 219858)

BS EN ISO/IEC 27001:2017 Compliance

Brookes is certified as compliant to BS EN ISO/IEC 27001:2017 by the British Assessment Bureau (certificate number  215312)

It is the policy of Brookes to maintain a system designed to meet the requirements of ISO 9001 and ISO 27001 in pursuit of its primary objectives and the purpose and the context of the organisation.  

It is the Policy of Brookes to: 

• Strive to satisfy the requirements of all our customers, stakeholders and interested parties.  Make the details of our policy known to all other interested parties, including external where appropriate.  
• Comply with all legal requirements, codes of practice and all other requirements applicable to our activities; therefore, as a company, we are committed to satisfy applicable requirements related to information security/quality and the continual improvement of the ISMS and QMS.  
• Provide all the resources of equipment, trained and competent staff and any other requirements to enable these objectives to be met.  
• Ensure that all employees are made aware of their individual obligations in respect of this business management policy.  
• Maintain a management system that will achieve these objectives and seek continual improvement in the effectiveness and performance of our management system based on “risk”.  

 This Quality and Information Security Policy provides a framework for setting, monitoring, reviewing and achieving our objectives, programmes and targets.  

 To ensure the company maintains its awareness for continuous improvement, the Business Management System is regularly reviewed by senior management to ensure it remains appropriate and suitable to our business. The Business Management System is subject to both internal and external annual audits.  

Scope of the Policy

The scope of this Policy in relation to Information Security, relates to use of the database and computer systems operated by the company in pursuit of the company’s business of providing Software services to the Supply Chain sector. It also relates where appropriate to external risk sources including functions which are outsourced.  

The company recognises that customer service is an essential part of the quality process. The scope of this Policy, in relation to quality management, therefore embraces all interactions with the customer, or actions that have an impact on the services delivered to them. In order to ensure this is fulfilled, all employees receive training to ensure awareness and understanding of quality and its impact on customer service.