What is the ISO 27001 certificate?
The ISO 27001 certificate is a globally recognised standard for information security. To obtain certification, organisations have to implement, maintain, and continuously improve information management systems and comply with 114 unique control measures. Compliance with these measures is assessed by a team of external auditors. If the integrity of your data handling methods meets the criteria, you will be awarded the official ISO 27001 certificate for three years.
Some examples of these measures are compliance with laws and regulations such as GDPR, secure development, the security of laptops and mobile phones, authorisations, cryptography, and physical security.
What makes ISO 27001 essential for information security?
The 114 control measures relate to the characteristics that are essential pillars of a reliable information security policy: availability, integrity, and confidentiality.
Availability: Data should only be available to authorised users when they need it. This also means that systems, networks, and devices must always remain operational.
Integrity: is data correct and the source to be trusted? An honest data policy means keeping data in the appropriate state – untouched and correct, authentic, and reliable.
Confidentiality: How private is the data? This means that only authorised users and processes are allowed to access or modify data.
"At iO, information security is very important. For years we have been doing everything we can to protect the data of our clients and our teams. This certificate was the logical next step."
Roelof Jan Vreeling, Information Security Officer iO
Do you want to know more about ISO 27001?
Contact us at iO. We will walk you through the process and give you an insight into the steps we took to comply with the ISO 27001 certification.