On January 16th and 17th, we had an external audit of our Information security practices. The audit was held remotely. For two days, external auditors checked the compliance of our processes with the legal and standard requirements. We have passed the audit without major non-conformities. However, we have been advised to improve the system even further with recommendations from the auditors.
Our certificate has been prolonged for one more year.
Since maintenance of the information security management system is a continuous process, next year, we will have a recertifying audit, when our processes are examined in depth to prove that the important information we are dealing with is well protected.
An information security management system is a set of policies, procedures, processes, and IT systems that manage information security risks, such as cyber-attacks, hacks, data leaking, or theft. Certifying to ISO 27001 and passing the audits conducted by external experts, we are proving that we put the best information security management practices in place.
By following the practice in place, we can adequately respond to incidents, avoid financial losses associated with data breaches, and comply with business, legal and contractual requirements. Besides protecting important information, the benefits of being ISO 27001 certified are that we can protect and enhance our market reputation, improve relations between existing clients, improve our competitiveness in the market, and win new clients.