In August 2020, Edvantis was fully certified by TÜV SÜD Management Service for ISO/IEC 27001:2013 — an internationally recognized standard for managing information security for consulting and software engineering services for high-tech industries. 

Edvantis Achieves ISO/IEC 27001:2013 Security Certification

What is ISO/IEC 27001:2013?

ISO/IEC 27001:2013 is a standard that stipulates the key provisions of information security management within organizations. The aim of the requirements set forth by this standard is to ensure that the organization adheres to the provisioned best practices for implementing, maintaining, and continuously improving their information security management systems (ISMSs). It serves as an independent confirmation of Edvantis‘ reliability and effectiveness in regards to security. 

TÜV SÜD Management Service GmbH — an independent German vendor, specializing in auditing, assessment, validation, and certification of management systems — conducted an external audit. According to the requirements, TÜV SÜD performed the audit in three stages in line with all the ISO/IEC 17021 and ISO/IEC 27006 standards:

  • Stage 1: a preliminary review of the current company’s information security policy, Statement of Applicability (SoA), and Risk Treatment Plan (RTP).
  • Stage 2: a formal compliance audit that included independent testing against the certification requirement. The auditors confirmed that our management systems were properly designed and implemented in line with the standard’s requirements.
  • Stage 3 (ongoing): ISO/IEC 27001:2013 is valid for a period of 3 years. Still, during that period, Edvantis will be due for a follow-up reassessment that will confirm our conformance with the set standards to ensure that our ISMS operates as specified. 

What ISO/IEC 27001:2013 Certification Means for Our Clients

Edvantis has a deep commitment to operational excellence at every level. The new certification serves as proof to our abilities in managing security risks of the information we hold: 

  • Ensure proper protection of client and corporate information 
  • Mitigate risks to information security efficiently
  • Achieve compliance with EU GDPR regulation 

As a client, you gain extra reassurance that we can be entrusted with sensitive information during the collaboration and ensure its utmost security!