Accreditations

You can put your trust in CMCS to help you recover your business if the worst should happen.


Therefore, as the leading product and service provider in its sector, we work tirelessly to ensure our governance conforms to all relevant accreditations and standards.

We are extremely proud to have recently renewed all the current industry accreditations we hold, following a successful audit, and to have made improvements in all aspects of these standards. CMCS have also renewed the PCI DSS accreditation as a Level 1 Service Provider for yet another year.

Our Clients, quite rightly, place a lot of importance on governance and partnering with a business who are serious about not just having the relevant suite of accreditations, but also in adhering to the processes set out in them. They demonstrate a confidence and trust in our business by providing evidence that we will deliver the levels of quality and service that are expected. It is also vital that these accreditations are robustly audited, which is why at CMCS we use external 3rd party organisations to ensure that our governance conforms to all the relevant standards.

ISO9001 – Quality Assurance

ISO9001 is recognised as the world’s most widely adopted Quality Management System (QMS), currently being used by over 1 million organisations globally and sets the standard not only for quality management systems, but management systems in general. It helps all kinds of organisations to succeed through improved customer satisfaction, staff motivation and continual improvement.

ISO14001 – Environment

ISO14001 is a standard that sets out how businesses can put in place an effective Environmental Management System (EMS).
The standard is designed to help the Organisation minimize how their operational processes negatively affect the Environment, comply with applicable laws and regulations, and continually improve on those targets once met.

ISO22301 – BUSINESS CONTINUITY

ISO22301 is a standard that specifies security requirements for Disaster Recovery preparedness by implementing a Business Continuity Management System (BCMS). It helps the organisation understand and prioritise threats to the Business and specifies the requirements to protect against, reduce the likelihood of, and ensure the Business recovers from any disruptive incidents.

ISO27001 – INFORMATION SECURITY

ISO27001 is internationally recognised as an excellent model for implementing an Information Security Management System (ISMS).
It is based on a framework of policies and procedures that include legal, physical and technical controls that give a robust approach to managing information assets and ensuring building resilience. Protecting personal records and commercially sensitive information has never been more critical and this standard establishes consistent security levels and ensures managed improvement.

ISO45001 – OCCUPATIONAL HEALTH & SAFETY.

PCI DSS – PAYMENT CARD INDUSTRY DATA SECURITY STANDARD (LEVEL 1)

ISO45001 is designed to prevent work-related injury and ill health, and to provide a safe and healthy work place. It not only increases organisational resilience through proactive risk prevention and continual improvement, but strengthens legal and regulatory compliance and demonstrates the Organisation’s responsibility by committing to a safe and sustainable work place for both staff and Customers.

PCI DSS is a set of policies and procedures intended to optimise the security of credit, debit and cash card transactions and to protect cardholders against the misuse of personal information. It was created and is jointly controlled by the 4 major credit card companies:

Visa, Mastercard, Discover and American Express.

Its controls are based on the premise that this can be achieved by managing 6 key factors, which are: A secure network, cardholder data always stored securely, the system is protected against malicious activity, system information is restricted and controlled, networks are constantly monitored and a formal Information Security Policy is defined, maintained and followed.

STANDARD 55 – CHEQUE & CREDIT CLEARING COMPANY

C&CCC control the production of Cheques and Giro Credits in the UK. As a member the organisation commits to producing Cheques to the C&CCC audit standard for cheque printers – Standard 55, and the Standard 3.1 – Automated processing of Vouchers (Debits).

Standard 55 was prepared by the C&CCC in association with BSI and is used in conjunction with ISO27001 and addresses 3 specific Information Security requirements for cheque printing, which are: Customer data and cheque products, origination work (e.g. signatures) and computer- based processes (e.g. transaction processing).