Matrix Requirements is proud to announce the successful audit of its own ISO 27001 Information Security Management System.
As a provider of software solutions which can be used in the cloud, security management was always a key concern for us. From the first day on, we designed the software to be be used in this environment:
- All access is done through secured protocols
- We have procedures to keep our software and servers on the latest state of security
- Our product and operation risk analysis covers cybersecurity issues
- We use modern encryption methods to store sensitive data
- As part of our quality system we control who has access to which data and how it is secured
- Our software is part of a bug bounty program (YesWeHack)
Since we had all this in place anyway, we decided that we want our security procedures reviewed based on the ISO/IEC 27001:2013 by external auditors and a notified body. As a result we got our certificate to comply with the standard. Here's how we achieved compliance in a short time (Blog - How we integrated ISO 27001 requirements into our QMS.)
