ISO 27001
For your safety
ISO 27001 is a framework that helps organizations that strive for improved control over information security. The internationally recognized standard ISO 27001 is developed and verified by experts around the world. By applying the standard, companies can better identify risks and introduce appropriate controls to reduce the risk.
This certification is especially important in view of the new data protection regulation and provides security for you as a customer.
You get a supplier with:
- Ensured high competence in the IT security area for all employees
- Independent ongoing review of security and routines via certified IT security auditor
- Requirements for updated risk analyzes of important functions
Why did SoftOne choose ISO 27001 certification?
- Comply with local and global laws, such as GDPR
- Find a method to systematically improve our information security
- Protect and care for our customers by securing our cloud service
- Through independent audits, prove that our and our customers’ data is secure
- Avoid fines and financial losses due to intentional or unintentional violations or information leaks by us or our customers
- The ISO27001 certification is an important seal of quality that supports
- SoftOne’s goal of having the industry’s most satisfied customers
SoftOne's Security Policy
SoftOne develops and offers an ERP and HRM platform as software as a service (SaaS) for chosen business areas in the Nordic countries. We offer a modular subscription-based cloud solution, which allows our customers to use our services wherever they are through mobile app and the web.
SoftOne shall always be at the forefront of maintaining the highest security and integrity for our customers and our employees. We practice what we preach by using our own and other cloud services. Customers can rest assured that SoftOne has processes and routines in place that provides secure systems and services that are constantly improving in accordance with our information security management system (ISMS). Our aim is to achieve higher standards than required by laws and regulations for information security that protects the end user by minimizing the risks. All employees shall have a good knowledge in information security.
How does SoftOne ensure continuous improvements in the area of security?
- Security Council that regularly monitors and initiates actions to learn and continuously improve security and processes
- Incident management and monitoring
- Constant monitoring of external factors around security
- Constant testing of security via penetration tests and automated scans
- Technical development with a focus on methods that ensure the safety of our development processes and services
- The management’s review with an external party 1-2 times a year
- Revisions
- ISO27001 external audit annually
- Internal audits annually
- Own audits of partners annually