Stibo Systems, the global leader in Business-first Master Data Management (MDM)™ solutions, today announced that the company has achieved ISO/IEC 27001:2013 certification, the international standard outlining best practices for information security management. Compliance with this standard demonstrates Stibo Systems’ dedication to a repeatable, continuously improving, risk-based security framework. The management system was inspected by certification body DNV GL.
Established by the International Organization for Standardization (ISO), the ISO/IEC 27001:2013 certification is an internationally recognized framework helping organizations maintain data security by specifying the requirements for establishing, implementing, maintaining and continually improving information security management. In addition, the ISO/IEC 27001:2013 includes assessment and treatment of information security risks that are tailored to the needs of the organization seeking certification. The certificate covers Stibo Systems’ offices in Europe and North America.
“Using the ISO framework for our security implementation has provided Stibo Systems with a common language, as we continue to evaluate and improve our controls and procedures throughout our organization,” said Chief Information Security Officer Martin Samuel Nielsen, Stibo Systems. “More importantly, it demonstrates our strong commitment to meeting our customers’ demand for a structured, documented and repeatable process for managing information security. Stibo Systems is committed to continuously making information security and data protection an integral part of all of our business processes, allowing our customers to have the utmost confidence in their specific use of Stibo Systems’ portfolio.”
Achieving the ISO 27001 certification means that Stibo Systems clients can be certain that the Company will follow information security best practices. The certification attests that the highest level of controls is in place when Stibo Systems handles its clients’ confidential information as well as its own, as the standard requires the certification of an organization’s information security management controls for areas such as data security and business continuity.