RM Unify achieves ISO 27001 Information Security recertification
RM Unify has been certified to ISO 27001:21013 for Information Security since 2014 and we are delighted to announce that we have successfully passed a full re-audit to be recertified for another three years.
ISO 27001 is the most widely recognised and internationally accepted information security standard and defines how organisations should manage and handle information in a secure manner, using appropriate security controls.
When thinking about information security there are three main considerations:
- Data security i.e. that data is only available to those people that should have access
- Data integrity i.e. ensuring that the data is not corrupted in any way
- Availability of data i.e. ensuring that it is always available to the people that should have access
ISO 27001 provides a clear framework for appropriate processes and practices to minimise the risks to the security of information; it is then our job to work out how to apply these to our particular situation. RM Unify has:
- Robust risk management processes so that we can identify and understand risks to RM Unify and plan how to mitigate these as far as possible
- Strong security-focussed software development principles used by the RM Unify development team
- Clear incident management processes so that where something does go wrong we can address it as quickly as possible and understand how we can avoid a similar issue in future
- Security guidelines for all staff that work in the RM Unify team, whether in development, operations or support, so that information security remains at the forefront of their minds.
Some organisations follow the principles of ISO 27001 but choose not be put themselves through the overhead of certification. The RM Unify team believe that the rigour of having external auditors, from Certification Europe, for a full audit every three-years and surveillance audits every six-months demonstrates our absolute commitment to best-practice in information security management.
- Find out more about ISO 27001:21013