Environmental / Quality Policy

MWR InfoSecurity was established in 2003 and supplies services which support clients in identifying, managing and mitigating their Information Security risks. The mission of MWR InfoSecurity is to be able to supply these services in a cost-effective, environmentally conscious manner.

MWR InfoSecurity believes that its market expects a continually improving service. We aim to continually improve the service we provide to meet our clients’ requirements and to produce finished work that we can justifiably be proud of. Only by providing an outstanding service and product quality will we achieve our aims of long term success and sustained improvements. Our goal is to exceed our clients’ expectations at all times.

MWR InfoSecurity recognizes that all products and services generate environmental impacts and we are committed to minimizing our negative impacts and improve environmental performance.

This policy will complement our overall plan of promoting sustainable business practices and our Integrated Management System will provide the framework for setting and reviewing our objectives and targets, thus we commit to:

  • Integrating EMS / QMS into core business processes.
  • Protection of the environment, including prevention of pollution and other specific commitments relevant to the context of the organization.
  • Fulfilling our compliance obligations related to our environmental aspects.
  • Actively promote internal recycling.
  • Develop staff competencies, creativity, empowerment and accountability through appropriate development programs and show strong management involvement and commitment.
  • Maintaining, developing and continually improving the integrated Management System to meet the requirements of ISO 14001:2015 & ISO 9001:2015.
  • Enhance the systematic research and use of best preventive practices at all levels and ensure reliable risk management.
  • Achieve our commitments for quality, cost, and schedule.
  • Making policy available to interested parties via our website and communicate to all persons working for or on behalf of the company.

This policy will be reviewed on a regular basis to ensure it is compatible with the context and strategic direction of the Company.

Ian Shaw – VP Cyber Security - 1st July 2018


Accreditations & Certificates

MWR is an accredited member of The Cyber Security Incident Response Scheme (CSIR) approved by CREST (Council of Registered Ethical Security Testers).
MWR is certified under the Cyber Incident Response (CIR) scheme to deal with sophisticated targeted attacks against networks of national significance.
We are certified to comply with ISO 9001 and 14001 in the UK, internationally accepted standards that outline how to put an effective quality and environmental management systems in place.
MWR is certified to comply with ISO 27001 to help ensure our client information is managed securely.
As an Approved Scanning Vendor MWR is approved by PCI SSC to conduct external vulnerability scanning services to PCI DSS Requirement 11.2.2.
We are members of the Council of Registered Ethical Security Testers (CREST), an organisation serving the needs of the information security sector.
MWR is a supplier to the Crown Commercial Service (CCS), which provides commercial and procurement services to the UK public sector.
MWR is a Qualified Security Assessor, meaning we have been qualified by PCI to validate other organisation's adherence to PCI DSS.
As members of CHECK we are measured against high standards set by NCSC for the services we provide to Her Majesty's Government.
MWR’s consultants hold Certified Simulated Attack Manager (CCSAM) and Certified Simulated Attack Specialist (CCSAS) qualifications and are authorized by CREST to perform STAR penetration testing services.