Prevalent Receives ISO 27001:2013 Certification for Information Security Management

Prevalent, Inc., the company that takes the pain out of third-party risk management (TPRM), today announced it has achieved ISO/IEC 27001:2013 certification for information security management. Established by the International Organization for Standardization (ISO), the ISO 27001:2013 certification follows a globally recognized standard that provides a model for establishing, monitoring and improving an information security management system.

ISO 27001:2013 certification is indispensable for monitoring, reviewing, maintaining and improving a company’s information security management system, and provides customers and partners with greater confidence in their relationship with Prevalent.

ISO 27001:2013 certification required that Prevalent:

  • Systematically examine information security risks, taking account of the threats, vulnerabilities and impacts;
  • Design and implement a coherent and comprehensive suite of information security controls and/or other forms of risk treatment (such as risk avoidance or risk transfer) to address those risks that are deemed unacceptable; and
  • Adopt an overarching management process to ensure that the information security controls continue to meet the organization’s information security needs on an ongoing basis.

As part of the ISO 27001:2013 information security controls and systems audit, the company used its own Prevalent Third-Party Risk Management Platform to create an information security management system (ISMS) to track all aspects of risk, documentation, key performance indicators (KPIs), tasks, schedules, and requirements for its IT security needs. Prevalent customers can leverage this capability to address their ISO certification reviews as well.

The Prevalent Third-Party Risk Management Platform is a SaaS solution that enables companies to automate the critical tasks required to onboard, assess, manage, continuously monitor and remediate third-party security, privacy, compliance, operational and procurement-related risks across every stage of the vendor lifecycle.

“This certification reinforces our commitment to the highest principles of information security,” said David Allen, chief information security officer for Prevalent, Inc. “ISO 27001:2013 certification provides our customers with peace of mind that our policies, standards and processes meet rigorous compliance requirements, while protecting their information across the industry’s most comprehensive third-party risk management platform.”
