Sigma Software is ISO/IEC 27001:2013 Certified
ISO/IEC 27001 is an information security management standard used by businesses to keep data secure. This standard requires building a mature and thought-out approach to managing sensitive information in order to keep it secure at every level, including people, processes, and IT systems.
After a rigorous auditing process, we have successfully achieved certification that acknowledges company`s previous strong background in regard to protecting own information and our customers data from security threats. The Lead Auditor of Bureau Veritas Certification, Mr. Dmytro Lessik commented on Sigma Software receiving ISO/IEC 27001:2013 certification:
“The issue of information security becomes increasingly important. By securing ISO/IEC 27001 certification, Sigma Software gets higher level of confidence from their clients and now they know that company follows the best practices for information security management.”
Mrs. Katherine Gribok, Deputy Quality Director at Sigma Software also thinks that having certified as ISO/IEC 27001 compliant, the company will lay the basis for the future long-term cooperation with new customers that consider the issue of information security as one of the most crucial. “Big companies and brands pay serious attention to security when choosing new partners. Businesses that have made an effort in strengthening information security, will be their first choice,” Katherine says. “Implementing an Information Security Management System (ISMS) provides our customers with new key benefits:
- avoiding downtime caused by legal issues related to information loss or leakage
- improved risk management when it comes to security threats and eliminating system vulnerabilities being exploited
- better understanding of how statutory and regulatory requirements impact business and its customers
- higher end customers satisfaction.
Receiving the certificate is a great achievement that took a lot of time and effort; it also demonstrates how seriously we take information security.
“Over two and a half years we were preparing to certification: studied the standard, implemented all the recommendations, interacted with specialists, conducted numerous trainings, etc. As a result, we have created our own methodology for risk assessment and applying protective measures. Now we have a comprehensive set of policies and procedures to ensure information security in different areas (including compliance to new GDPR). Our ISMS is constantly updated and refined, so our customers can definitely rely on us!” says Mr. Yuri Nazarenko, Quality Manager at Sigma Software.