ISO 27001 certification

Kisi is ISO 27001 certified. ISO 27001 is a globally recognized information security standard developed and maintained by the International Organization for Standardization (ISO). It provides the specification for an information security management system (ISMS).

Organizations using an ISMS, especially one that conforms to ISO 27001, can ensure compliance with a host of laws, including the high-profile General Data Protection Regulation (GDPR) and the Network and Information Systems (NIS) Regulations.

The ISO 27001 standard is the centerpiece of the ISO 27000 series, a set of multiple information security standards that together form a widely recognized framework for managing information security best practices. These standards provide a framework of specifications, codes of conduct, and best practices for securing information assets.

In order to achieve this certification, Kisi's compliance was validated by an independent auditor.

Benefits of being ISO 27001 certified

  1. Secure information: ISO 27001 helps protect all forms of information whether digital, paper-based or stored in the cloud.
  2. Increased resilience to cyber attacks: Detect and reduce cyber threats early. Kisi conducts annual penetration tests as part of ISO 27001.
  3. Protecting the confidentiality, integrity and availability of the data: ISO 27001 helps to ensure that the information is:
    • Confidential: Not available or disclosed to unauthorized people, entities or processes.
    • Whole: Complete and accurate, and protected from corruption.
    • Available: Accessible and usable as and when authorized users require it.
  4. Compliance with business, legal, contractual and regulatory requirements: ISO 27001 certification is also in line with rigid regulatory requirements such as the GDPR (General Data Protection Regulation), the NIS Directive (Directive on security of network and information systems) and other cyber security laws.

Security testing

As part of our ISO 27001 compliance, Kisi conducts annual penetration tests by certified third-party security firms. These comprehensive assessments help us:

  • Identify potential vulnerabilities before they can be exploited
  • Validate the effectiveness of our security controls
  • Ensure ongoing compliance with ISO 27001 requirements

Additional certifications

In addition to ISO 27001, Kisi also maintains SOC 2 Type II certification, which provides a comprehensive evaluation of security controls over customer data. Both certifications are validated by independent third-party auditors through annual compliance audits.

Vulnerability assessment

As part of our ISO 27001 compliance program, Kisi conducts annual penetration tests by certified third-party security firms. These assessments help maintain resilience against evolving cyber threats and ensure our security controls remain effective.

For more information, see our guide on ISO 27001 Compliance.