We're happy to announce that Daxx received the ISO 27001:2013 certification. It verifies the maturity and high quality of the company's security management system. ISO 27001:2013 supplements the ISO 9001:2015 certification we got back in 2017.
Above all, the certification confirms that the information of our suppliers, clients, contractors and coworkers that we get and process within Daxx is protected with strict measures that comply with the ISO 27001:2013 standards.
To receive the ISO 27001:2013 certificate, Daxx had to prove the company's conformity with the high level of security management system required.
Consequently, we carried out the following operations:
- We developed a relevant system of documentation which allowed us to take organizational measures and keep control of information security consistently. The documentation includes corporate policy, internal rules, and risk management.
- We introduced a business continuity plan for unexpected circumstances (power cutoff, internet disconnection, etc.), accidents (fire, flood, windstorm, etc.) and any other circumstances that may harm business processes.
- We integrated several technical measures to make sure the administrative ones are implemented without obstruction.
- We instructed employees on how to act in each situation and how to utilize information properly, identifying do's and don'ts precisely.
- We revised access levels to various types of information and made sure that data stays in the right hands.
- We underwent an external audit and continue the development of this system to further improve, supplement, and enhance it. We'll be undergoing annual audits to verify our status and continuous improvement from the prospect of management and information security.
Managing Director at Daxx
"The ISO 27001:2013 certification proves that Daxx is a mature organization with a well-structured security management system. Now, we have an even better understanding of what information we operate, what are the access levels to various types of data, what levels of information criticality there are, and how to protect this information on all possible stages using the most advanced security practices.
Even though our information security framework is strict and data leakage is unlikely, no one has yet developed a 100% protection from data leaks. So as part of the certification scope, we’ve worked out and implemented an action plan that would minimize the consequences of any data breach in case it happened. We'll continue to enhance our security management system taking into account current market trends and practices."
Bureau Veritas is our ISO 27001:2013 certification partner, whose main goal is to reduce the client's risks and boost their performance rates. The organization has operated since 1828, which proves the company's reliability and dedication to the client's prosperity.