If you are unaware of the ISO 27001 standard, it has served as the information security industry’s gold standard for the design of information security programs for the last decade. Last September, ISO 27001 received its first major update with the release of ISO 27001:2013 and we are delighted to announce that Ovation is now certified to this new standard.
ISO 27001:2013 is technology-neutral and utilises a top-down risk-based approach that evaluates the completeness of an organization’s security program whilst reflecting developments in the security world over the past few years.
Achieving this accreditation demonstrates Ovations commitment to ensuring information security through the implementation of control procedures in the following areas:
- Information security policies (2 controls)
- Organization of information security (7 controls)
- Human resource security – 6 controls that are applied before, during, or after employment
- Asset management (10 controls)
- Access control (14 controls)
- Cryptography (2 controls)
- Physical and environmental security (15 controls)
- Operations security (14 controls)
- Communications security (7 controls)
- System acquisition, development and maintenance (13 controls)
- Supplier relationships (5 controls)
- Information security incident management (7 controls)
- Information security aspects of business continuity management (4 controls)
This certification protects Ovation and its clients against potential fraud, loss of personal information, and any damage caused by cyber breaches. This means you can rest assured that when you work with Ovation your confidential and important data is safe with us.