Investis awarded ISMS certification
We are proud to announce that Investis is now ISO 27001 accredited. This means that our data security processes and procedures have been externally audited and recognised as meeting industry best practice – while we think this is great for our business, it also means that you know you are dealing with a partner you can trust. If you want to know about this in more detail, then please read on.
An information security management system (ISMS) is a set of policies that covers IT related risks; an increasingly important part of digital communications. The dependence of organisations on information systems and services means they are more vulnerable to security threats. Information is an asset; like other important business assets it is valuable to organisations and consequently needs to be suitably protected.
It is very important for each organisation to align information security management with business compliance and risk reduction. By proper identification and classification of assets and a systematic risk assessment of threats and vulnerabilities, an organisation can select appropriate controls to manage those risks and focus on the availability, confidentiality and integrity of organisational information to clients, shareholders, authorities and society at large.
At Investis, our aim is to provide seamless and secure Digital Corporate Communications Services to our clients. Thus we decided to go for ISMS certification.
The journey started in January 2011, with the formation of our ISO Core Committee at each of our office locations who defined the overall scope of certification and finalised the apex manual and aligned our internal procedures and policies with international standards including each of our information assets that would come under the scope of the certification. They also provided internal training to employees and conducted internal audits before the external certification audit was conducted by Bureau Veritas.
Our ISMS certification acknowledges that we at Investis maintain confidentiality and security of information about our own company and our clients, that we preserve the rights of ownership to intellectual property, use company information for authorised use only and ensure timely and authorised access and use of reliable data and information technology resources for our clients.
It has been an honour and has given me a great sense of pride to be a part of the certification program and I am very thankful to each and every member of Investis who has made this certification program successful, especially our ISO Core Committee and senior management for the support provided by them throughout.