GRiT has renewed its ISO 27001 information and cyber security certificate

News
12.7.2022

We know that at GRiT we handle sensitive information of both our customers and business partners. We do not take the security of their data lightly, so in addition to penetration tests of our systems, we also undergo regular information and cyber security audits of internal processes. We successfully managed this and thus renewed the ISO 27001 certificate, which proves that the information held by us is sufficiently protected against loss, misuse or other violations.

What is the ISO 27001 certificate?

ISO 27001 is an internationally valid standard that defines the requirements for an information security management system in a company. A company that receives the certificate demonstrates to all interested parties that it uses a systematic approach to information security management based on risk management. The standards for obtaining a certificate are determined by the International Organization for Standardization (ISO), which has been based in Geneva since 1947.


Criteria for obtaining ISO 27001

Before the certificate is granted, an internal audit of the company being certified takes place. Its task is to determine the degree of cyber security and the company's overall readiness for certification. Three areas of security are investigated:

  1. confidentiality - it is assessed whether access to the information is given to persons with authorization,
  2. completeness - whether it is possible to determine the correct and complete form of the information and
  3. availability - confirms that authorized persons can access the information whenever they need it.

Subsequently, the company's assets to be protected are determined, possible information security risks are selected, and measures with the required level of guarantees are then put in place and controlled.

ISO 27001 certification for GRiT

We received the certificate again for the field of activities "creation, implementation and operation of Internet services in the field of digitization and automation of the flow of documents, goods and money". By obtaining it, we proved that

  1. we can systematically manage the risks associated with external and internal threats,
  2. we have implemented comprehensive sets of information-security controls,
  3. and we are able to make decisions about security development investments based on the value of the risks.

We know that we deal with sensitive client data, which is why its security is one of our top priorities. The newly obtained ISO 27001 certificate is one of the proofs that we are serious about data protection and management at GRiT.
