Insightrix Communities and it's parent company, Insightrix has chosen to prove its commitment to privacy by pursuing and achieving ISO/IEC 27001:2013 certification.
The discourse around information security has changed and will continue to change how business is done. The future is in increased regulation and ever-improving standards management.
Insightrix Communities understands the importance of this business reality – that is why we invested 18 months of senior management time and significant investment in capital purchases and expert consultation to achieve the ISO 27001:2013 certification.
“Implementing ISO standards proves our commitment to privacy and assures our clients that secure systems and procedures are in place at all stages of our business,” says Corrin Harper, Insightrix President.
To become compliant, we underwent an extensive, 18-month company-wide audit of its quality management systems, a management system review, the enhancement of standard operating procedures and the formation of a change management team. This was followed by an independent, three-stage audit process, including a five-day on-location assessment from an independent body. We are very proud to have taken this proactive step to further ensure our clients’ information remains secure and private.
What is ISO/IEC 27001:2013 – Information Security Management System?
ISO 27001:2013 is an information security standard published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC).
It specifies best practices and procedures that relate to how companies can manage information security in a way that reduces overall risk. Organizations meeting the family of standards may be certified by an accredited certification body, following the successful completion of a formal audit.
We chose to work with BSI Canada, a member of the intellectual accredited certification body based in Canada.
Now that we’ve achieved this certification, we are committed to annual audits from our accreditor to ensure we maintain ISO 27001 standards and procedures. Failure to do so would risk losing our certification. In addition to maintaining compliance, we must also demonstrate continued improvement. Feel free to validate this certification with BSI.
What does ISO 27001:2013 certification mean for your business?
Our certification means we have made a significant investment of time and resources to implement an ongoing Information Security Management System. It means our commitment to your data privacy goes beyond simple assurances; instead, it represents an entire management system that ensures data privacy and security is considered at every stage of Insightrix Communities operations.
Your IT security team, legal team, privacy team and procurement team may be very interested in our achievement, and we encourage you to share this information in your organization. Our certification means we are ready to demonstrate our commitment to data privacy when asked by your organization’s vendor management team.
What’s next for us?
ISO 27001:2013 certification means our commitment to data privacy and information security is a way of life for Insightrix Communities. We have the management framework and systems in place to ensure we can meet and exceed current and future privacy requirements in Canada and worldwide. We will continue improving, upgrading and maintaining our commitment to data security and privacy. If you would like to discuss further about how a community might suit your needs please contact us.