Given the great volumes of data and information to be handled these days, companies need to implement security measures and processes to guarantee data protection and privacy.
In the IT world, companies are becoming increasingly vulnerable to possible cyberattacks. It is therefore crucial for all organizations to have information security systems enabling them to analyse and detect possible anomalies that could indicate a potential threat to their servers.
Which is why we at the FI Group have an information security management system (ISMS) to guarantee the confidentiality and protection of internal information and our clients’ data. And in this respect, we have also been awarded the ISO 27001 certification again.
This certification demonstrates our commitment to providing high-quality products/services while adhering to strict international standards. We’re proud to have achieved its renewal, which recognizes the quality and strength of the FI Group’s ISMS.
Why ISO?
Information security management systems are made up of policies, organizational structures, procedures, processes and resources necessary to guarantee the confidentiality, integrity and availability of information in an organization.
For some years now, leading international standardization bodies have been establishing requirements for the implementation of information security management systems. One of the most frequently used among them is the 27001:2017 standard by the International Organization for Standardization (ISO) because it is widely recognized internationally and permits implemented information security management systems to be certified.
Advantages of being (ISO) certified
- The certification helps us to differentiate ourselves from competitors by highlighting our extensive commitment to information security and data privacy, along with defining high quality and excellence standards.
- It demonstrates that we have a powerful information security and privacy management system in place that complies with national legislations.
- The certificate and underlying ISMS make us more competitive by reducing costs that would have an impact on our business continuity.
- Our processes become safer, as well as more traceable.
- And it efficiently tests our compliance with the security requirements of third parties.
Which countries is the FI Group ISO 27001 certified in?
We have implemented security measures and processes in several FI Group countries to ensure that all our systems are safe, and to demonstrate our commitment to customers. The countries already certified are:
– Belgium
– Brazil
– Canada
– Chile
– Colombia
– France
– Portugal
– Spain
– USA
– United Kingdom
To be included in the certification this year:
– Germany
– Italy
Spain additionally has an ISO 27701certificate demonstrating an even higher level of privacy and data protection.
How does the renewal process work?
The renewal process has two major parts and takes a whole year.
The first part is an internal audit where all the ISO domains are evaluated, and we can verify the strength of the controls implemented in the company.
Once the internal audit has been completed, we focus on the aspects identified as potential improvement areas while working on the continuous development of our information security management system.
This process takes a whole year because it needs to continuously update and develop the implemented controls while adding new checks and processes that help to strengthen our company.
The second major part in October is the external audit where the company’s compliance with the controls and domains required by ISO 27001 is evaluated.
Once this audit is done, the country in question will either be certified again, unless of course it has failed to pass it.
Before and after certification
We can see an improvement in our company’s processes and safer procedures that allow us to work with our own and customer information while maintaining the highest security standards.
The difference after implementing the certification is most tangible in our company’s day-to-day business and the confidence that we are working with truly private and confidential data.