SRS Attains ISO/IEC 27001 Certification, Ensuring Data Security Excellence
March 27, 2024
Strategic Risk Solutions (SRS) recently announced its attainment of ISO/IEC 27001 certification, demonstrating its commitment to maintaining the highest standards of information security management.
International Organization for Standardization (ISO) certification stands as a globally recognized validation of a company's adherence to stringent information security requirements. The International Electrotechnical Commission (IEC) is the standards body that publishes international standards for electrical, electronic, and related technologies, according to the ISO website.
"SRS takes its data privacy and protection extremely seriously because of the nature of our business in dealing with a diverse range of clients from small entities to large multinational corporations," said Trung Khuu, SRS director. "ISO/IEC 27001 focuses on information security management systems and it covers our people, procedures we have in place, and the technology we use to service our clients."
"This certification exemplifies our commitment to information security management excellence for our clients' data, as well as to operational merit, as this project involved a significant time and financial commitment of SRS," noted Brady Young, SRS CEO.
He continued, "SRS is the only captive manager that has both an ISO/IEC 27001 certification for our information security management systems, and a [Service Organization Control (SOC) 1 Internal Control over Financial Reporting (ICFR)] Integrated Type 2 Report prepared in accordance with [American Institute of Certified Public Accountants (AICPA) Statement on Standards for Attestation Engagements (SSAE) 18 and International Auditing and Assurance Standards Board (IAASB) International Standard on Assurance Engagements (ISAE) 3402] standards for the suitability of the design and operating effectiveness of its controls on its insurance management systems."
British Standards Institution (BSI), the business improvement and standards company, conducted a thorough audit of SRS's information security management practices to grant this certification. This comprehensive assessment validates SRS's adherence to ISO quality process standards.
David Mudd, global head of digital trust, assurance at BSI, said, "The global digital landscape is changing, with core business practices now increasingly digitally reliant. Trust in the ability to handle sensitive data securely has become a key factor in business success as the considerations in this area escalate. BSI is proud to be a trusted partner as organizations respond to this."
Mr. Mudd continued, "This certification for information security demonstrates SRS's commitment to excellence in information security management and its dedication to establishing digital trust with its clients and stakeholders. The certification required input from all of SRS's employees driven by the leadership team. The team should be very proud of this achievement. Congratulations all."
Standards for ISO certification are defined by the International Standards Organization, which is a nongovernmental organization that determines specifications for products, services, and systems for quality and efficiency.
Having this certification verifies the safety measures SRS has put into place to defend against cyber attacks, as well as more common threats, such as accidental breaches or human error. Approximately 30,000 businesses worldwide are ISO certified. SRS is also SOC certified, which guides the establishment of controls in the proper placement.