To keep your Sofico-held data safe but accessible by authorized users (your employees, Sofico staff and partners), we implemented an Information Security Management System (ISMS).
To set up our ISMS, we followed the best practices described by ISO 27001, the international standard for ISMS.
After more than 1 year of preparation, independent ISO auditors came, saw and ... approved!
ISO 27001 takes a risk-based approach to information security:
Our ISO/IEC 27001:2013 certification offers you guarantees about the controls applied by Sofico. You can learn more about these controls on the ISO 27001 section of our website.
ISO/IEC 27001 is widely known, providing requirements for an information security management system (ISMS), though there are more than a dozen standards in the ISO/IEC 27000 family. Using them enables organizations of any kind to manage the security of assets such as financial information, intellectual property, employee details or information entrusted by third parties.
As part of the internal learning program around ISO27001, Sofico developed 12 explainer videos that explore the ISO27001 controls.
Below you can already watch four of them. The other videos can be found here.