After almost a year of rigorous evaluation, we’re proud to share that Kurmi has achieved ISO 27001:2022 certification for Kurmi Provisioning Suite’s cloud service delivery: Kurmi as a Service (KaaS). This accomplishment highlights our dedication to maintaining the highest standards in information security management required by some customers and valued by all. Reaching this notable milestone was a whole company effort involving primarily IT with a significant assist from HR, Legal, DevOps and with concerted involvement by executive leadership.
Why ISO 27001 Matters
ISO 27001 is a globally recognized standard that defines the requirements for establishing, implementing, maintaining, and continually improving an information security management system (ISMS). For Kurmi, this certification serves as tangible proof of our steadfast commitment to cyber-resiliency, risk management, and safeguarding of information assets – further assuring our customers and partners.
The Certification Journey
Attaining ISO 27001 certification involved a comprehensive audit of Kurmi’s information security management system (ISMS), covering information security practices, policies, and procedures across all implicated departments. Certi-Trust, a renowned international organization known for its meticulous assessments, conducted the evaluation, ensuring that Kurmi met the stringent criteria for information security excellence. During this time, the Kurmi team created around 50 new processes and policies that strengthened our ISMS and ensured we would continue to meet the ISO 27001 standards year after year.
Frédéric Briand, Chief Information Security Officer, provided insights into the certification journey, “We assessed our existing security practices, mapped processes against ISO 27001 standards, and implemented necessary changes. This journey was not just about meeting certification requirements but about enhancing our overall approach to information security.”
Ongoing Commitment to Excellence
Earning ISO 27001 certification is an ongoing responsibility to maintain excellence in information security. We’ve outlined a structured plan to ensure continual improvement and adherence to the highest standards, including:
- Regular Audits and Reviews: Conducting periodic internal audits and reviews to ensure the ISMS remains compliant and effective.
- Continuous Improvement: Commitment to updating policies and practices in line with evolving threats and industry best practices.
- Employee Training and Awareness: Providing ongoing training to all employees to maintain a high level of security awareness and compliance.
- Technology Upgrades: Keeping technology and systems up to date to counter emerging cybersecurity threats.
Wrapping It All Up
Kurmi’s achievement of ISO 27001 certification is a testament to our ongoing commitment to information security. This milestone not only validates the company’s previously existing rigorous security practices but also highlights our proactive approach to improvement. As Kurmi continues to lead in unified communications and collaboration service management, our recognition as an ISO 27001 certified company sets a benchmark for industry best practices and customer trust.
Interested in learning more about our ongoing commitment to information security? Get in touch.
