We have started the week with some fantastic news here at Enovation HQ, we have been awarded ISO 27001 Certification!
What is ISO 27001?
ISO 27001 is the international standard that is recognised globally for managing risks to the security of information you hold. Certification to ISO 27001 allows you to prove to your clients and other stakeholders that you are managing the security of your information. ISO 27001:2013 (the current version of ISO 27001) provides a set of standardised requirements for an Information Security Management System (ISMS). The standard adopts a process-based approach for establishing, implementing, operating, monitoring, maintaining, and improving your ISMS.
The ISO 27001 standard and ISMS provides a framework for information security management best practice that helps organisations to:
- Protect client and employee information
- Manage risks to information security effectively
- Achieve compliance with regulations such as the European Union General Data Protection Regulation (EU GDPR)
At Enovation we have always aimed to provide the highest quality of service while ensuring the confidentiality, integrity and availability of our customers’ data are maintained at all times.
Through the implementation of Quality Management and later Information Security Management systems we have introduced internationally recognised standards to all processes throughout our entire services portfolio.
Since our ISO 9001 quality certification in 2012, we started working to align our information security practices with the ISO 27001 standard. All of our hosted infrastructure was only co-located in certified data centers and any cloud services we used were based on ISO compliant components. We introduced Business Continuity Management process and formalised our security policies to align with the more stringent standard requirements.
With the introduction of the GDPR (General Data Protection Regulation) legislation in 2016, we decided to embark on a project to introduce a personal data privacy framework and certify our Information Security Management System. We wanted to provide additional assurance for our customers that the security controls we put in place will help them comply with the more demanding privacy rules.
This project has now concluded and even though we see security as a continuous process, we can proudly say that we are ISO 27001 certified and we have become one of the very few Moodle partners that achieved this level of information security standard compliance.