ElectraLink today (30 Jan 2015) announced that it has successfully attained ISO 27001:2013 certification, earning the prestigious accreditation after a number of independent, external assessments.
The achievement of obtaining this prestigious certification issued by the British Standards Institute (BSI)means that not only are ElectraLink compliant with the stringent and global Information Security standards laid out in the certification, but we have also raised our internal and external Information Security Management System to the very highest level. Additionally, by implementing the latest 2013 version, ElectraLink’s Information Security Management System (ISMS) is compliant with the latest best practices, controls and industry standards.
Protecting information is a top priority for companies in the modern connected world. When businesses and consumers are managing and transmitting private data over the Internet, there are enormous potential consequences if it is not handled properly. Ensuring the safety of that data is integral for the protection of the company, its customers and its partners.
Stuart Lacey, CEO of ElectraLink said: “In the past few years several large companies have dealt with major intrusions and/or hacks of their software or infrastructure that have resulted in the loss or exposure of sensitive customer information. Preventing similar instances and ensuring the safety of all sensitive customer and partner data is a top priority for ElectraLink, and we have taken proactive actions to ensure that information is managed and stored securely so that our partners and customers can have complete confidence in the safety of the information they share with us.”
ISO 27001 requires that management:
• Systematically examine the organisation’s information security risks, taking account of the threats, vulnerabilities, and impacts;
• Design and implement a coherent and comprehensive suite of information security controls and/or other forms of risk treatment (such as risk avoidance or risk transfer) to address those risks that are deemed unacceptable; and
• Adopt an overarching management process to ensure that the information security controls continue to meet the organisation’s information security needs on an ongoing basis.