This month PECB MS certified that Scrive’s management system has been assessed and found to be in accordance with the management system requirements in ISO/IEC 27001:2013.
ISO 27001 is an information security certification, defined by the International Organization for Standardization, that helps organizations make the information assets they hold more secure by detailing requirements for establishing, implementing, maintaining and continually improving an information security management system (ISMS).
“This is a big milestone for us at Scrive”, says CEO Vikor Wrede. “Trust being at the core of our business, becoming ISO 27001 certified has been at the top of our list for a long time. This certification communicates not only that we take information security seriously, but that we are able to show it.”
According to GDPR, Scrive operates as both a data controller and a data processor. Hence, information security is of utmost importance to Scrive’s business, as protecting customers’ data includes, by extension, protecting that of the customers’ own customers and partners.
“Scrive’s ISO 27001 achievement and ongoing compliance program to support future recertification demonstrates our commitment to continual improvement of our information security posture to all our stakeholders”, says Tim Ellis, Scrive’s Chief Information Security Officer.
In order to maintain the certification, Scrive is subjected to an annual surveillance audit, leading to recertification every three years.