ISO/IEC 27001:2022
ISO 27001:2022 certification pertains to the Information Security Management System (ISMS) of Resilinc’s in-house data, customer and supplier data collection, storage, IT management, IT infrastructure management, and sharing processes. Specifically, the company operates an Information Security Management System which complies with the requirements for ISO 27001:2022 for the following scope: The Information Security Management System is applicable to Design, Development and Operations of Supply Chain Risk Management Solutions, with support functions such as Human Resources, Admin and Information Technology as per Statement of Applicability v1.0 dated 06.08.2024.
It is essential that Resilinc customers and suppliers who participate in the company’s global supply chain risk management network have complete confidence in the processes by which their sensitive financial and operational data is used and shared.
About ISO 27001:2022 Certification
ISO 27001:2022 is the internationally recognized standard for Information Security Management Systems (ISMS). It provides a framework for organizations to establish, implement, maintain, and continually improve their ISMS, ensuring the confidentiality, integrity, and availability of information. Registration to ISO 27001 provides objective proof that a business has implemented effective Information Security controls and practices. An external, impartial expert called a registrar or Certification Body (CB) conducts an on-site audit to determine whether a company is in conformance with the standard. For any query related to certification, please drop an email to [email protected].
ISO Objectives with Which Resilinc Has Complied for This Certification:
- Information Security
- Leadership
- Involvement of people
- Process and systematic approach
- Timely audits every year
- Ensuring confidence in customer and supplier relationships
Resilinc Process Changes Implemented to Achieve ISO 27001 Certification:
- Provides senior management with an efficient Information Security management process.
- Sets out areas of responsibility across the organization.
- Communicates a positive message and confidence about Information Security to staff and customers/suppliers.
- Identifies and encourages more efficient Information Security processes.
- Highlights deficiencies in Information Security.
- Provides continuous assessment and improvement in Information Security.
- Affords enhanced marketing opportunities.
- Ensures Information Security of all data and supplier information shared with Resilinc.
- Negligible or zero Information Security leakage complaints.
- Independent audit demonstrates commitment to Information Security.
- Ensured development and deployment of ISMS policy and relevant processes.
- Ensured that all standard processes have SOPs.
- Ensured that process flow diagrams are available for each of the standard processes.
- Established that standard forms and templates are available on a shared repository.
- Developed standard ISMS training plans and ensured that assessment records are available and maintained for each team.
- All new joiners also undergo this training when they join.
- Implemented effectiveness monitoring based on assessment results and made remediation testing available when needed.
- Implemented processes to ensure that all changes to SOPs (amendments/updates) are communicated to all team members.
- Established a mandatory requirement that all changes to standard documents are subject to ‘Document Change Request’ for both control purposes and to ensure that the most current/updated version is being used.
- All policies and processes will be reviewed on a periodic basis to ensure relevance and offer possibilities of improvement in Information Security.