ISO far, ISO good - Journal | Strategic Design Consultancy | Folk

Journal

Article

ISO far, ISO good
Secure by design – Folk is ISO 27001 certified

ISO27001 Journal Header 02 RFS

It’S Official.  

We’re proud to announce that as of 13 June 2025, Folk is ISO 27001 certified.  

This year we’ve placed a focus on ensuring information security, cybersecurity and privacy standards across our systems, processes and culture at Folk are rigorous and secure – not just for us, but more importantly for our clients and partners. We understand the requirement to protect information for the business, government and not for profit organisations we work with. 

We’ve undertaken this uplift and certification process so that: 

  1. Your data is protected and managed with care. 
  2. You know you’re working with a safe and trusted partner, using systems and processes that meet globally recognised standards and are verified by an independent, accredited auditor. 
  3. Our teams can sleep well at night, knowing we’ve done everything we can to reduce the risk of a cybersecurity or privacy incident.  

What is ISO 27001? 

ISO 27001 is a globally recognised and respected standard for information security management. It outlines 116 key controls that organisations must implement to identify, assess and mitigate risks to data and systems. 

To achieve certification, Folk has been audited by an independent accredited external auditor who has verified our systems and processes meet these high standards. 

The journey to certification 

Over the last 8 months, we partnered with Sekuro, a cybersecurity and business resiliency firm, and Origin84, our IT and security partner, to build and strengthen our Information Security Management System (ISMS). 

Together, we: 

  • Assessed our technology and data landscape to identify key risks. 
  • Developed a clear action plan to address vulnerabilities. 
  • Rolled out new security-focused policies, systems, and internal processes (uplifting our ISMS). 
  • Completed multiple internal and external audits to validate our progress & achieve certification. 

What next?

While we’ve made great tracks this year in uplifting our ISMS – this isn’t a set-and-forget task – it’s an ongoing responsibility. 

ISO 27001 certification is built on a foundation of continuous improvement. Each year we complete rituals and processes that help us monitor and maintain our ISMS.

We strive for best practice approaches across all ISO 27001 controls to ensure we are up to date and prepared for what is a constantly evolving technology and cybersecurity landscape.

Have any questions? Get in touch. 

ISO Journal Tile RFS

Written by:
Joanne Paterson,
People and Performance Manager