Cosafe Technology has obtained ISO 27001 certification issued by the market-leading Bureau Veritas. The certification company has reviewed Cosafe’s Information Security Management System (ISMS) and the company’s systematic information security work, including processes and procedures to ensure responsible handling of customer data and the platform’s compliance with confidentiality, accuracy, and availability.
Systematic information security work means that the company actively works preventatively and continuously adjusts the protection of information and assets based on the company’s needs and risks. ISO 27001 certification certifies that an Information Security Management System (ISMS) has been successfully implemented and audited according to international standards.
The company’s management system ensures that technical and organizational measures have been taken to secure confidentiality, accuracy, and availability and that over 100 security controls are adhered to, including:
- Policies
- Organization and management
- Training
- Risk assessment and risk management
- Physical security and protection of information assets
- Access control and logging
- Encryption
- Communication
- Software development and maintenance
- Supplier procurement and relationships
- Incident management
- Continuity planning
- Compliance with laws and regulations
- Personal data management in accordance with GDPR, including data and storage minimization, retention, anonymization, and deletion of personal data
With a systematic approach to information security, we ensure that our customers’ information is available when you need it, that you can trust that it is accurate and not manipulated and that only authorized individuals have access to it.
We are dedicated to protecting our customers, users, employees, and our technology. Therefore, systematic processes and controls are in place to minimize the risk of vulnerabilities that could harm the company and our customers’ data.
More about ISO 27001 and Information Security Management Systems (ISMS)
ISO 27001 is a global standard from ISO, the International Organization for Standardization, in collaboration with the IEC, the International Electrotechnical Commission, for managing information security risks. ISO 27001 is the third-largest ISO standard in the world in terms of certifications and includes a set of standardized requirements for Information Security Management Systems (ISMS).
“The ISO/IEC 27001 standard establishes requirements that an organization needs to meet regarding Information Security Management Systems (ISMS), including requirements for the phases of establishment, implementation, maintenance, and continuous improvement. The standard also includes requirements for assessing and treating information security risks. It can further be used to assess an organization’s ability to meet information security requirements, both internally and from external parties.”
The advantage of using this standard is that it can be applied in all types of organizations. It provides a flexible tool for establishing and implementing a management system that meets the organization’s needs, goals, size, structure, and organizational processes for information security. The Information Security Management System effectively supports organizations in their efforts to strengthen control over information security costs, increase confidence in risk management, ensure the confidentiality, accuracy, and availability of operational information, and enhance preparedness against a growing threat landscape in the field.
