Assisting DanAds in Getting ISO 27001:2013 Certification
Sigma Software has supported DanAds in developing an Information Security Management System for DanAds to help our partner pass ISO/IEC 27001 certification. This certification acknowledges DanAds’ commitment to meet the high industry standards and to deliver trusted services for its customers worldwide.
In 2016, Sigma Software began a partnership with DanAds, a startup company working in the AdTech industry. The idea behind DanAds was to have a self-service platform that automates collaboration between publishing companies and their clients. DanAds aimed to help publishers automate their business processes, streamline operations, and increase profits through direct online collaboration with advertisers. This idea carried certain expectations from DanAds as a trusted service provider.
Liubomyr Plotnikov, Software Architect and Driver of ISO Certification Initiative, recalls:
“From the very beginning of the DanAds project, we understood that our partner needs to ensure its business security and resilience as a state-of-the-art service provider. From a sales perspective having a management system certified would provide DanAds with certain competitive advantages and will demonstrate its focus on meeting information security requirements.”
The ISO/IEC 27001:2013 is a widely known standard and information security management systems framework. It specifies the requirements for establishing, implementing, maintaining, and continually improving an information security management system within the context of an organization. Besides, we had experienced passing this certification for our own company. So we offered our assistance in getting the DanAds management system fully prepared and certified for the ISO 27001:2013 standard. They decided to accept our assistance and that was just the beginning…
It took about one and half years to set up DanAds Information Security Management System from scratch and get prepared for certification. During this period the following had been done in close cooperation with DanAds management and staff:
- DanAds information security assurance team (ISAT) established and staffed
- Information security roles and responsibilities established
- Essential set of information security policies, procedures, and forms developed and published
- GRC (Governance, Risk, Compliance Management) tool implemented and fully operational
- Information Security Management System portal fully operational
- Information security risks in development, production, and management areas assessed
- Secure software engineering practices implemented
- Production infrastructure, software, and data fully protected
- Comprehensive staff training program created and launched
- Annual internal audits program planned and completed
- Compliance evidence collected
A thorough approach to certification paid off and DanAds passed the certification audit with flying colors and without any single nonconformity. By getting ISO certified DanAds demonstrated that it had the appropriate safeguards in place and its management system is able to continually support the delivery of secure and trusted services to its customers.
“Achieving ISO 27001:2013 certification is an incredible milestone for the company and further highlights our ongoing commitment to maintaining the highest possible security and privacy standards,” comments Johan Liljelund, CTO at DanAds. “I’d like to thank our information security assurance team. They all did an amazing job.”
“No certification of this kind would have been possible without top management's strong desire and commitment to making the company better and more secure. And such things are not done alone. Thanks to everyone at DanAds and Sigma Software for such excellent teamwork,” says Yuriy Nazarenko, Senior Business Process Analyst at Sigma Software.
“DanAds makes an amazing product. From the very beginning, we knew that they were destined to succeed. It’s a great pleasure to provide various kinds of services such as development, support, and security expertise to DanAds. We also provide consulting in cooperation with enterprises, and certification expertise to make DanAds ready for future challenges,” says Anna Boiko, Account Manager at Sigma Software.
“Five years ago, when Sigma Software and DanAds became partners, the team included only five people on our side. In 2021, this number exceeds 60 people on the Sigma Software Side, with the total DanAds employee count going over 100 people. Throughout all these years DanAds has evolved rapidly and has attracted more and more clients. We are happy to support our partner in their development and planning, so we are preparing for the next steps,” shares Liubomyr Plotnikov.
DanAds is not going to rest on one's oars. New certifications are coming soon. Stay tuned to be the first to find out about their progress.