We’re pleased to announce that Airlock Digital has achieved certification to ISO 27001:2022!
Building on our certification to the previous version of the ISO 27001 standard, ISO 27001:2013, this maintains our commitment to conform to the leading worldwide standard for information security management systems.
Published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), ISO/IEC 27001 (described here as ISO 27001) provides a systematic and structured approach to managing and protecting sensitive information within an organization.
As described by the ISO, this standard requires organizations to implement a comprehensive set of policies, procedures and controls to manage information security risks and ensure the confidentiality, integrity and availability of information. It provides a framework to:
To adhere to ISO 27001, we’ve established an information security management system spanning risk assessment, asset management, access control, cryptography, incident management, and more.
We review this system constantly for opportunities to improve our processes and practices.
Published on 25 October 2022, ISO 27001:2022 is the latest version of ISO 27001 and targets several existing and emerging threats and technologies. This most recent version incorporates 11 new security controls covering topics such as threat intelligence, information security for the use of cloud services, ICT readiness for business continuity, physical security monitoring and much more.
It also updates and streamlines existing controls, includes minor additions to mandatory clauses, reduces the overall number of controls, and consolidates the number of domains that controls are grouped into to four: organizational, people, physical and technological.
Through certification, we are verified to comply with all controls bar a small number considered not applicable to Airlock Digital.
To achieve this milestone, we secured buy-in from our leadership team, and coordinated across a multitude of business areas, including People & Culture, Product and Infrastructure, Security, Legal, and more.
Business units across the whole company leaned in to achieve the right outcome.
Our ISO27001:2022 project aligns with our key strategic initiative of giving customers the confidence that Airlock Digital will protect their environments, both through our solution and our internal processes and controls.
Certification to ISO 27001:2022 is part of a mature, rigorous compliance, risk management and data protection program within Airlock Digital. Critically, it assures our customers that we continue to meet stringent security standards and requirements, and reinforces the trust that customers place in us every day.
ISO27001:2022 certification is one of many important programs on the security roadmap for FY2026. Watch this space for further announcements!
For more information about our compliance initiatives, check out the Airlock Digital Trust Center as well as our Privacy Policy.