Registry Trust

Registry Trust maintains the statutory Register of Judgments, Orders and Fines – processing and maintaining data and making it publicly available for individual searches via their TrustOnline platform, and to their bulk data customers. These bulk data users are typically credit reference agencies and similar organisations who want to use the Judgment data to support detailed credit monitoring and reporting. 

As an impartial, not-for-profit company, Registry Trust’s mission is to use and share this ‘public data for public good’.  

The Challenge

To contextualise the scale of data that Registry Trust manages, they have approximately 5.5 million records on the public register.

Having a robust Information Security Management System (ISMS) is critical to their ongoing success. It is also vital that the ISMS meets globally recognised standards, which is typically a fundamental requirement when being considered as a trusted data supplier in many contracts and competitive tenders. 

Additionally, Registry Trust recognised that stakeholders, suppliers, and customers place high value on environmental responsibility. This awareness, along with their own commitment to sustainability and minimising environmental impact, fuelled their drive to find a way to demonstrate leadership in this area. 

The Solution 

ISO 27001 information security certification:
ISO 27001 is the globally recognised standard for information security. It provides a framework for establishing, implementing, maintaining, and continually improving an Information Security Management System (ISMS), to protect sensitive data and manage security risks effectively.  

This certification was the perfect solution for Registry Trust, offering many benefits to their business, beyond keeping the data that they manage secure. 

ISO 14001 environmental management certification:
Alongside ISO 27001, ISO 14001 certification, the globally recognised standard for Environmental Management Systems, would help Registry Trust to demonstrate its commitment to sustainability and proactive management of its environmental impact. Registry Trust identified that stakeholders, suppliers, and customers highly value environmental responsibility as much as they do, making this certification an important step in aligning with their expectations.

Leading UKAS-accredited certification body, British Assessment Bureau:
Leveraging British Assessment Bureau’s structured guidance and training, Registry Trust could develop a secure information management framework while enhancing its environmental practices.

The Process 

Key highlights of Registry Trust’s ISO certification process were marked by strategic planning, comprehensive resources, and time-saving measures which included: 

• Structured, proactive planning: Collaborating with the British Assessment Bureau, Registry Trust implemented a structured approach that included forward planning for audits and requirements. They established a plan for the year ahead around which they could develop their own planning cycle to streamline the certification process.
• Robust support and resources: Access to a wealth of support materials, additional training, and guidance ensured Registry Trust was well-prepared to achieve and maintain its certifications with confidence.
• Comprehensive transition training: British Assessment Bureau provided detailed “Transition Training” for the updated ISO 27001:2022 Standard. Through resources like color-coded control guides and extensive transition documents, Registry Trust gained a clear understanding of updates, which helped in navigating changes and developing a practical implementation plan.
• Effective account management: Clear communication channels with a dedicated account manager allowed Registry Trust to address any questions or concerns promptly, ensuring smooth progress throughout the process.
• Efficient process alignment: By deciding to align ISO 27001 and ISO 14001 certifications, Registry Trust reduced the time and effort required in Stage 2 while concurrently conducting management reviews and audits to save additional time and resources.

Key Results

• Increased credibility as a trusted data provider: Achieving ISO 27001 and ISO 14001 certifications has greatly enhanced Registry Trust’s credibility, underscoring its dedication to data security and environmental sustainability. These certifications reinforce its reputation as a trusted data provider and responsible organisation, offering widely recognised assurances of quality and commitment to high standards.
• Valuable time saved responding to tenders: These certifications have simplified Registry Trust’s response to tender requests, streamlining processes by enabling them to readily provide verified evidence of their robust security and environmental controls.
• New opportunities to improve business performance: Registry Trust found that the auditors effectively balanced the formal requirements of their role with an open and engaging style to provide maximum value from the audit. Their constructive feedback on improvement opportunities was invaluable in supporting Registry Trust’s proactive, continual improvement strategy to help them grow their business with confidence.
• Perfect audit results through strategic collaboration: After five years of collaboration with British Assessment Bureau, Registry Trust successfully passed recent audits with zero nonconformities – a testament to the strength of British Assessment Bureau’s support and Registry Trust’s unwavering commitment to excellence.

The Experience with British Assessment Bureau 

Registry Trust has worked with British Assessment Bureau for over 5 years, and their experience has been overwhelmingly positive. Highlights of some of the feedback received from Registry Trust is noted below: 

• British Assessment Bureau’s auditors provided a clear, structured approach, allowing Registry Trust to easily present required evidence and involve the right team members at appropriate stages.
• We especially appreciated British Assessment Bureau’s proactive planning and the high quality of its training materials. Dr Luke Finey, who led the ISO 27001 transition training, delivered expert guidance that demystified complex requirements and reassured our team with credible, actionable insights.
• British Assessment Bureau’s commitment to consistency and support has enabled us to successfully maintain compliance and continually improve our systems and performance.

More About Registry Trust 

Founded in 1985, Registry Trust is a trusted, impartial, not-for-profit organisation working with public sector data. Responsible for managing the statutory Register of Judgments, Orders, and Fines on behalf of the Ministry of Justice and similar registers across other jurisdictions, including Scotland, Northern Ireland, and the Channel Islands; they provide reliable credit information to individuals, businesses and government bodies. Registry Trust maintains a commitment to data accuracy, security, and transparency. 

For more information on Registry Trust’s services or to explore its commitment to data security and sustainability, visit their website registry-trust.org.uk and follow them on LinkedIn and X.