At SGS DIGICOMPLY, we are pleased to announce that we are now ISO/IEC 27001 certified, formal endorsement from the International Standards Organization (ISO) of the quality of our Information Security Management System (ISMS).
Every day we work with billions of data records generated from the most heterogeneous sources. Moreover, our platform is used by some of the best compliance, quality and safety teams in the world to gather insights, analyze documents and data, create reports, and store important information for their business.
That's why we have worked hard to make our platform compliant to the ISO/IEC 27001 ISMS standard.
ISO/IEC 27001:2013 specifies the requirements for establishing, implementing, maintaining and continually improving an ISMS within the context of an organization.
In the case of SGS DIGICOMPLY, the purpose of this certification is to minimize risks by preventing security incidents.
This certification includes the following controls which are now applied to SGS DIGICOMPLY:
|ISO 27001 Control||Applied in SGS DIGICOMPLY|
|Information Security Policies||✅|
|Organization of Information Security||✅|
|Human Resource Security||✅|
|Physical and Environmental Security||✅|
|Systems Acquisition and Maintenance||✅|
|Security Incident Management||✅|
|Business Continuity Management||✅|
The purpose of implementing an information security system at SGS DIGICOMPLY is to ensure business continuity and to minimize the risk of damage by preventing security incidents and reducing their impact on the company, our customers and stakeholders.
Our aim is to guarantee protection of information assets against all internal, external, targeted or accidental security incidents, and in the event of an incident to reduce its impact to a tolerable level.
Moreover, we strive to guarantee protection of information against unauthorized access, ensuring the confidentiality of information, strict care for information integrity, consistent care for information availability in business processes, and the adoption and consistent application of measures resulting from legislation that applies to way we operate.
ISO/IEC 27001 certification is an important step for us, not only in guaranteeing the security of information, which we have always done, but also assuring it with certification against an internationally recognized standard.