Skip to Main Content

LRS Expands Scope of ISO 27001 Certification

It’s hard to believe that three years have passed since LRS earned our first ISO 27001 certification. As long-time readers may recall from his April 2021 Blog article, EOM Services VP John Runions provided an in-depth look at why LRS chose to pursue external certification for our LRS Managed Services offering.

In short, although we have long enjoyed a reputation of providing rock-solid enterprise software and exceptional customer support, LRS was a relative newcomer to the world of Managed Services and cloud hosted solutions. Traditional LRS customers – some of the largest organizations in the world – are justifiably cautious when entrusting a third party with managing the infrastructure through which their most business-critical information is delivered.

To ease any concerns and ensure our own internal processes were up to the task, we invited an experienced team of ISO auditors to peek behind the curtain and tell us how we what we were doing right or wrong and how we could improve our processes. After scrutinizing the information security management system (ISMS) LRS uses to deliver our Enterprise Output Management managed services, the auditing firm certified that our personnel, IT systems, policies, procedures and other elements of our offering conformed to ISO/IEC 27001:2013 standards.

But that was then, this is now. Nearly three years later, the ISO 27001 standard has changed. The LRS team has changed, with added personnel and an entirely new product support infrastructure. Most importantly, our managed services work with global enterprises in a variety of industries has taught us a lot about how to provide cloud-based EOM services and solutions at scale. As such, it was time to once again invite a team of outside auditors to take another look.

The result? An updated certification reflecting a greatly expanded scope of scrutiny and conformance with the latest ISO 27001 requirements.

Whereas our last certification tested compliance with the ISO 27001:2013 specifications and covered only our Managed Services offering, our most recent certification was on the basis of the most recent ISO 27001:2022 specification as they applied to:

  • LRS EOM Managed Services
  • LRS Enterprise Output Management software development
  • LRS Enterprise Output Management software support
  • The LRS IT Solutions cloud infrastructure used to host EOM Managed Services

This last bullet point may be of interest to readers of this Blog. Although we primarily talk here about printing, scanning, and other document-related issues, there are several other business units at LRS that provide IT products and services. The LRS IT Solutions group provides the technical expertise, software, hardware, security systems, etc. that enable us to confidently provide managed services for global organizations with tens or hundreds of thousands of devices. Like our EOM team, LRS IT Solutions personnel are leaders in their field, and our worldwide EOM customers benefit from our ability to leverage their robust infrastructure solutions.

Given the size and scope of cloud-based IT initiatives, it is natural for organizations to look for ways to mitigate risk in any way they can. Independent certification of key technology providers is one way for businesses to increase their confidence and trust when deciding whether to share control of a critical part of their business like the secure delivery of key business information. If you would like more detailed information about our expanded ISO 27001 certification status and what it means for your organization, please contact us and we will be happy to share what we know.