In continuing our commitment to helping customers make the information assets they hold more secure, Zetta is proud to announce we have achieved ISO/IEC 27001 certification, meeting the international standard on how to manage information security.
When it comes to information security most organisations have several information security controls. However, without an information security management system (ISMS), controls are often disorganised and disjointed, due to being implemented as point solutions to specific situations. Security controls in operation typically address certain aspects of information technology (IT) or data security specifically, leaving non-IT information assets (such as paperwork and proprietary knowledge) less protected overall.
ISO/IEC 27001 requires that management:
- Systematically examine the organisation’s information security risks, taking account of the threats, vulnerabilities, and impacts of breach.
- Design and implement a coherent and comprehensive suite of information security controls and/or other forms of risk treatment (such as risk avoidance or risk transfer) to address those risks that are deemed unacceptable.
- Adopt an overarching management process to ensure that the information security controls continue to meet the organisation’s information security needs on an ongoing basis.
Zetta’s attainment of the ISO/IEC 27001 certification means that we have been assessed by an external certification auditor and that our security controls have been implemented and are operating effectively. We can be confident that we are keeping our information assets and those of our clients safe.
You can learn more about ISO/IEC 27001 standards by visiting the ISO website.