To set up our ISMS, we followed the best practices described by ISO 27001, the international standard for ISMS.
After more than 1 year of preparation, independent ISO auditors came, saw and ... approved!
ISO 27001 takes a risk-based approach to information security:
- identify information security risks
- apply suitable controls to mitigate them
Our ISO/IEC 27001:2013 certification offers you guarantees about the controls applied by Sofico. You can learn more about these controls on the ISO 27001 section of our website.
What is ISO27001?
ISO/IEC 27001 is widely known, providing requirements for an information security management system (ISMS), though there are more than a dozen standards in the ISO/IEC 27000 family. Using them enables organizations of any kind to manage the security of assets such as financial information, intellectual property, employee details or information entrusted by third parties.