CREAplus has been awarded the ISO 27001 certification (full name ISO/IEC 27001:2013).
The achievement of acquiring this leading certification relating to information security, has meant that we have demonstrated our commitment to constantly developing and monitoring measures and procedures to ensure the preservation of confidentiality, integrity and availability of our clients’ information as well as our own information.
ISO 27001 is a leading international standard related to information security, which defines the information security management system. It is prescribed by the International Standardization Organization (ISO). The purpose of this standard is to establish a framework and describe the ways in which companies or organizations can successfully establish an information security management system. Moreover, the establishment of information security in accordance with this standard enables companies to obtain a certificate issued by an independent certification body which conducts compliance verification and certification.
By implementing the ISO 27001 standard in the company, we reduce the risks associated with confidentiality, integrity and availability of information held by the company or received from clients. Also, the introduction of this standard can significantly help to comply with legal requirements in protecting sensitive data, information systems, personal information, and the like.
In business terms, the introduction of this standard can reduce the number of incidents related to information security as well as reduce the possibility of a compromise if any of the three main factors related to information security are violated: confidentiality, integrity and availability of information.