LockPath, a provider of governance, risk management and compliance solutions, has achieved the ISO 27001 certification, an internationally recognized information security standard. The standard is published by the International Standardization Organization, and the certification is awarded to companies that have continually demonstrated a high level of information security management and the ability to protect customer data.
With a backdrop of third-party breaches and regulations requiring increased third-party due diligence, the market is calling for validation that third-party vendors, especially software providers, are secure. The ISO 27001 certification affirms that LockPath provides the necessary controls, technologies and procedures to handle mission-critical information for SaaS clients. The certification included rigorous reviews of LockPath’s data management and privacy practices by an accredited third-party auditor.
The ISO 27001 certification helps organizations initiate and maintain an information security management system (ISMS), a suite of activities managing information security risks. This ISMS is a framework that includes policies, processes, and roles/responsibilities organizations use to manage and control information security risks, confidentiality and data integrity.
LockPath’s Keylight GRC Platform helps organizations manage compliance with regulations and standards, including ISO 27001. Throughout the certification process, LockPath used Keylight to align itself with ISO 27001. Keylight was used to implement required controls, house LockPath’s information security policies and procedures, and manage security risks and data.