Innovature Achieves ISO/IEC 27001:2022 Certification
We are proud to announce that Innovature has successfully upgraded our Information Security Management System (ISMS) to meet the rigorous requirements of ISO/IEC 27001:2022. This achievement reinforces our unwavering commitment to information security excellence and our dedication to safeguarding the critical data of our esteemed clients and partners.
By aligning with the latest international standards, we ensure comprehensive protection for intellectual property in accounting services, financial databases, call center contact lists, sensitive electronic data, and digital files. Our proactive approach to information security not only meets but exceeds industry expectations, providing peace of mind and fostering trust among our stakeholders.
The certification process, conducted by Sigma Cert Vietnam and officially certified by TNV, a United Kingdom-based certification body, involved a thorough evaluation of Innovature’s security framework. This included multiple rounds of audits to assess our compliance with stringent ISMS policies and procedures, ensuring their effective implementation and integration across all facets of our operations.
Moving forward, we remain dedicated to continuously enhancing our security posture, proactively adapting to evolving threats, and maintaining the highest standards of compliance to deliver unparalleled value to our clients.
About ISO/IEC 27001:2022
ISO 27001:2022 is the latest version of the international standard for Information Security Management Systems (ISMS), published in October 2022. It provides a framework for organizations to establish, implement, maintain, and continually improve their information security practices.
Key Updates in ISO/IEC 27001:2022
- Enhanced Structure Alignment:
- Aligns more closely with other ISO standards like ISO 9001 (Quality Management) for easier integration.
- Updated Control Set (Annex A):
- The number of controls has been reduced from 114 to 93, grouped into 4 key themes:
- Organizational (37 controls)
- People (8 controls)
- Physical (14 controls)
- Technological (34 controls)
- The number of controls has been reduced from 114 to 93, grouped into 4 key themes:
- New Controls Introduced:
Some of the newly added controls include:- Threat intelligence
- Cloud security
- Information deletion
- Secure coding
- Data masking
- Web filtering
- Focus on Cybersecurity:
- Stronger emphasis on addressing modern cybersecurity threats such as ransomware and supply chain risks.
- Risk Management Enhancements:
- Improved risk assessment methodologies to focus on proactive threat mitigation.
- Continuous Improvement Approach:
- Encourages ongoing assessment and adaptation of security measures to evolving threats.
See more >>
