We know that at GRiT we handle sensitive information of both our customers and business partners. We do not take the security of their data lightly, so in addition to penetration tests of our systems, we also undergo regular information and cyber security audits of internal processes. We successfully managed this and thus renewed the ISO 27001 certificate, which proves that the information held by us is sufficiently protected against loss, misuse or other violations.
It is an internationally valid standard that defines the requirements for the safety management system in a company. A company that receives the certificate demonstrates to all interested parties that it uses a systematic approach to information security management based on risk management. The standards for obtaining a certificate are determined by the International Organization for Standardization (ISO), which has been based in Geneva since 1947.
Before the certificate is granted, an internal audit of the company being certified takes place, the task of which is to determine the degree of cyber security and its overall readiness for certification. 3 areas of safety are investigated:
Subsequently, the assets of the company to be protected are determined, possible information security risks are selected, and then measures with the required level of guarantees are put in place and these are controlled.
We received the certificate again for the field of activities "creation, implementation and operation of Internet services in the field of digitization and automation of the flow of documents, goods and money". By obtaining it, we proved that
We know that we deal with sensitive client data, which is why its security is one of our top priorities. The newly obtained ISO 27001 certificate is one of the proofs that we are serious about data protection and management at GRiT.