Open Fifth is proud to share our recertification to the globally-recognised leading Information Security Management Systems Standard ISO/IEC 27001. This also represents the company's first assessment against the updated version ISO/IEC 27001:2022. Open Fifth's Certificate of Registration is publicly available online.

The certification audit was undertaken in May 2025 by the UKAS-accredited British Assessment Bureau, in which Open Fifth demonstrated conformity to every applicable requirement of the Standard. This is a testament to the investment and importance Open Fifth has placed on information security systems. We would like to thank the Open Fifth team for their ongoing commitment to the company's information security and their hard work during the rigorous third-party evaluation.

For our customers, certification to ISO/IEC 27001 provides critical assurance of our security practices for your data integrity and confidentiality, the cyber-resilience of our business systems and continuity, preparedness for evolving security risks, adherence to compliance requirements, and your trust in us as responsible stewards of your information and library systems.

Jonathan Field, Founder and Managing Director, shares:

"We're delighted to have renewed our ISO/IEC 27001 certification for another year. It is a certification that we have been proud to hold for over 10 years now and demonstrates our commitment to taking data protection seriously and mitigating information security risks as best we can.

Like many organisations we have been transitioning to the 2022 version of the standard. This contains 11 new controls and aligns better with current cybersecurity practices. It also compliments our Cyber Essentials Plus certification. All our staff at Open Fifth contribute and show a commitment to this standard in the work that they do for our customers day in, day out and helps us protect information assets in a consistent, auditable, and internationally recognised way."

In addition to ISO/IEC 27001:2022, Open Fifth also holds certification to the National Cyber Security Centre's Cyber Essentials and Cyber Essentials Plus standards. Through meeting the requirements and undergoing independent evaluation to these three voluntary standards, our customers can be confident in our dedication to protecting their information and our operations.

About ISO/IEC 27001

ISO/IEC 27001:2022, full name ISO/IEC 27001:2022 Information security, cybersecurity and privacy protection — Information security management systems — Requirements, is ‘the world's best-known standard for information security management systems (ISMS). It defines requirements an ISMS must meet'.

An ISMS that meets the requirements of ISO/IEC 27001 and that is certified by an accredited body demonstrates its ability to preserve ‘the confidentiality, integrity and availability of information by applying a risk management process and gives confidence to interested parties that risks are adequately managed.' (ISO, 2025).

Originally published in 2005, ISO/IEC 27001 has since been revised in 2013 and the most recent version of 2022. The revised ISO/IEC 27001:2022 version introduces additional controls to address emerging information security threats, in addition to structural changes for alignment with other ISO Standards.

About Open Fifth

Open Fifth Limited (formerly PTFS Europe Limited) is a UK-based company with the vision to make technology easy for libraries. We focus on enabling library users through high-quality, open source software solutions. Our way of working is characterised by listening, finding solutions, reliable delivery, and above all open communication. Our highly skilled team has a friendly and approachable style in delivering our quality implementation and support services.

We proudly work with customers across all library sectors, including public, academic, health, governmental, museum, law and special libraries. The reason so many customers continue to choose us is that we solve problems, we don't sell software. When libraries join us as a customer, they are gaining the expertise of our developers, trainers, data migration experts, and experienced account managers to support them throughout the journey. As an ISO/IEC 27001 accredited company, you can also rely on the quality and integrity of the support we're providing.