Contact

What are you looking for?

Some topics you might be interested in

SGS Annual ReportJob OpportunitiesUpcoming WebinarsSustainability Solutions

SGS presents the ISO/IEC 27001 certificate to Hip Hing Construction Co Ltd

05 Jan 2021
World Map Showing Connections 1600px

Companies in the construction industry produce and manage a large amount of highly-sensitive data including building models, contracts and legal documents, drawings, commercial and personal data. To protect a strong brand, we need to mitigate all vulnerabilities and prevent cyber-attacks.

SGS is glad to present the ISO/IEC 27001 Information Security Management Systems certificate to Hip Hing Construction Co Ltd (Hip Hing). The standard provides Hip Hing with robust information security controls covering a range of domains, from physical security to human resource security, from application development to business continuity, etc. By certifying to this international standard, Hip Hing shows that their planning, implementation, monitoring and continuous improvement of information security has reached the international benchmark of security management.

Neil Roberts, General Manager (Administration) of Hip Hing said: “The company's top management and I are delighted that we have reached this stage in the journey, and will be receiving today the certificate confirming that our Information Security Management System (ISMS) complies with the requirements of ISO/IEC 27001. We recognize however, that this is not the end of the journey, merely the end of the first stage. From here we will be looking to extend the coverage of our ISMS into other parts of our operations.” And he shared some more ideas about obtaining the standard as below.

What are reasons for applying the certification of ISO/IEC 27001? 

“As our industry and our business became ever more reliant on data and information, we recognized the need and so embarked on the journey of establishing an ISMS that would be ISO compliant and ultimately ISO certified. We chose to develop an ISO 27001 Information Security Management System (ISMS) to enable us to protect our information processing facilities and our information.“

What is the importance for construction industry to comply with an ISMS?

“Anyone involved in a construction project will be very aware of the fact that they create and process a lot of data, and produce a lot of information. There are many parties involved in construction contracts, and because of that information security is obviously a very important issue that surrounds construction projects.“

What benefits can you identify after complying with ISO/IEC 27001? 

“The basic goal of ISO/IEC 27001 is to protect three aspects of information, namely:

  • Confidentiality: only the authorized persons have the right to access information. 
  • Integrity: only the authorized persons can change the information.
  • Availability: the information must be accessible to authorized persons whenever it is needed,

and prevent security incidents from happening. The benefits of developing an ISMS is that these goals are achieved in a systematic and cost-effective way.”

What challenges did you encounter when managing your company in developing programs aimed at the information security? And how did ISO/IEC 27001 help? 

The development and implementation of an ISO/IEC 27001 certified ISMS provided the framework around which we defined our information security processes and procedures. It also will enable us to review and keep them up to date. This in turn will enable us to eliminate risk, but in the event of an information security incident, we will be able to react by deploying well defined, tested and trusted response measures.”

How SGS can help and the reason for choosing SGS? 

“SGS provides world-leading certification services which enables us to demonstrate that our processes and systems are compliant with international standards. We recognized their professionalism and their experience, and this was evidenced by the process we’ve been through. SGS conducted themselves in a very professional manner and we were delighted to work with them.”

SGS CERTIFICATION AND TRAINING SERVICES

SGS believes that rigorous and professional independent assessment services can help customers increase new business opportunities. SGS offers a variety of management system certification-related services, including certification audits and training courses. To inquire about any management system certification or related information, please contact us.

To purchase this service/ get a quote, please visit TIC Mall.

Get a 10% discount by enrolling a SGS Academy training course online now.

Related Articles

View All News
CC 2024Q1 Brightsight IEC 62443 Teaser
Features26 Mar 2024

Industry 4.0: Building a More Secure Connected World with IEC 62443

Building a compliance and risk management strategy around the IEC 62443 series of standards.
FCC Testing
Features26 Mar 2024

What is FCC Approval for Electronic Devices?

Understand the importance of FCC approval when accessing US markets for consumer electronics.
SGS presents ISO 14067 certification to Haier Air Conditioning
Features22 Mar 2024

Haier Air Conditioning achieves ISO 14067 Verification Certificate for Greenhouse Gases Carbon Footprint of Products

Analysis and audit by our experts deliver ISO 14067 verification certificate for a wide range of consumer products.
man sitting in office, using digital tablet to remote-control his smart home
Business News19 Mar 2024

Optimize Your IoT Devices with Regulatory Radio Testing

Regulatory radio testing plays a pivotal role in guaranteeing the flawless operation and legal adherence of radio frequency (RF) devices and equipment.  SGS can verify that these devices operate within defined frequency bands, power levels, and other specifications set forth by regulatory authorities.

News & Insights

View all
View all

Contact Us

Send us a message
  • SGS Hong Kong Limited

Units 303 & 305, 3/F, Building 22E,

Phase 3, Hong Kong Science Park,

Pak Shek Kok, New Territories,

Hong Kong, China