Cyber Essentials Accreditation

This month, Epic Auditors are proud to announce that they have achieved certification from Cyber Essentials proving their dedication to guard against cyber threats and demonstrate a commitment to cyber security.

What is Cyber Essentials?

Cyber Essentials is an official UK, Government backed scheme that encourages organisations, of all sizes to adopt best practice in information security and ensures they take sufficient measures to prevent against the risks of possible threats against a whole range of cyber attacks.

This certification is awarded by means of an independent assessment of the business security controls and processes, it also gives peace of mind that company defences will protect against the vast majority of common cyber-attacks. Receiving this accreditation shows that EPiC Auditors have addressed those basics to prevent the most common attacks within their systems.

Richard Andrews, Managing Director of EPiC Auditors commented “Achieving the Cyber Essentials certification is crucial in ensuring our cyber security is as strong as possible to protect our clients’ sensitive data. Our clients can have the confidence and trust that we are following best practice guidelines and recognise the importance of keeping their information safe and our IT systems secure.”

EPIC Auditors are dedicated to investing in its cyber security and will continue to adopt best practices in their information security strategy to ensure that the data we hold is managed properly and kept in a secure and safe digital environment.

Trust us: IAG is not an acronym that you want to be too familiar with. It stands for Inspection Action Group, the multidisciplinary team at the MHRA that determines whether your organisation maintains or loses its manufacturing or wholesale dealers licence.

It may be surprising to some of you that after 50 years plus of pharmaceutical legislation and GMP/GDP regulations that 3-4 companies a month still find themselves being referred to IAG with the potential of having their licences suspended or coming under strict and costly surveillance by the MHRA Compliance Management Team.

However, this is not so surprising to us in the EPIC Auditors team. Most of us are ex MHRA Inspectors, and we know only too well that any change in the Senior Management of a company can have a significant effect on the quality mindset and compliance level of a site.

Hopefully it will be for the better but sadly all too often it is for the worse. Most of the companies that we work with require our help because the quality focus at senior level is inadequate. It is still rare to see a Quality Director on the Board of Directors and this role should be seen as important as that of the Finance Director and Operations Director. If all Senior Management Teams had the Quality training and Quality understanding required to run the business in a cost effective and compliant manner, then we might see a reduction in Inspection Action Group cases at MHRA.

It is our opinion that anyone appointed to a Senior Management Team role should undergo mandatory training in Quality Management and ICH Q 10 principles.  Those companies that we have provided this training for will hopefully endorse our thinking. It is a requirement of GMP that all employees have training in Quality Management and this includes the Senior Management Team. Failures to implement an appropriate Pharmaceutical Quality System and to conduct suitable and effective quality management reviews with the involvement of senior management, feature in the top 10 deficiencies raised by MHRA year on year. Ensuring the Senior Management Team are aware of and are trained in their quality role and responsibilities, should lead to fewer companies facing the threat of IAG.