What is ISO 27001?
ISO 27001 provides a framework to help organisations to protect their Information Security Management System. The ISO 27001 Standard is recognised worldwide and verified by experts. By implementing the information security management system best-practice approach helps organisations manage their information security by addressing people, processes, and technology. The certificate is important in our work to achieve GDPR compliance and secure the personal data and integrity for our customers.
You get a supplier with:
- Ensured high competence within IT Security for all employees.
- Regular external maintenance audits conducted by a certified IT Security Auditor.
- Regularly analyse threats and vulnerabilities that applies to important assets.
Why did SoftOne choose ISO 27001 certification?
- To manage legal and regulatory requirements locally and globally, such as GDPR
- Find a method to improve information security best practice
- Protect our customers by securing our cloud service.
- Through external audits prove that our and our customers data are secured.
- Avoid financial penalties and losses associated with data breaches or cyber-attacks.
- The ISO 27001 certification builds trust and credibility and support SoftOne’s objective to obtain the industry’s most satisfied customers.
SoftOne’s Information Security Policy
SoftOne develops and offers an ERP platform as software as a service (SaaS) for chosen business areas in the Nordic countries. We offer a modular subscription-based cloud solution, which allows our customers to use our services wherever they are through mobile app and the web.
SoftOne shall always be at the forefront of maintaining the highest security and integrity for our customers and our employees. We practice what we preach by using our own and other cloud services. Customers can rest assured that SoftOne provides secure systems and services that are constantly improving in accordance with our information security management system (ISMS). Our aim is to achieve higher standards than required by laws and regulations for information security that protects the end user by minimizing the risks. All employees shall have a good knowledge in information security.
Stockholm, 2021-08-27
SoftOne AB (publ)/Håkan Lord
How does SoftOne secure effective and improved risk management?
- Security Council regularly monitors and initiates actions to educate and improve the information security process.
- Incident management and monitoring
- Constant surveillance of external security risks.
- Effective penetration tests and automated vulnerability scanning
- Technical development with a focus on methods that ensure the security of our development processes and services.
- Management review with external party 1-2 times annually
- Audits
- ISO 27001 external audit annually
- Internal audits annually
- Internal audits of Partners annually