ISO 27001 – Confidentiality, integrity & availability of all data
The ISO 27001 norm specifies the norm for Information Security Management System (ISMS). Ecochain’s ISMS is made up of a wide range of security measures. These proactively limit the likelihood or impact of data security breaches or disruptions in the software operations.
Its purpose: Ensuring confidentiality, protection, integrity & availability of all the data we process at Ecochain. This includes e.g. confidential data and IP’s from our customers – but also Personal Identifiable Information, protected under legislation such as GDPR.
For example, the ISO 27001 covers:
- If our information security policy and objectives comply with legal regulations & ethical obligations;
- How we identify, assess, and handle possible risks. Think of data breaches or incorrect storage;
- How we comply with relevant legislation;
- How we handle the risks with our suppliers (such as the data centers we rely on);
- How we apply security to your existing IT infrastructure and the development of new IT projects (e.g. firewalls, passwords, disaster planning, business continuity);
And many more aspects. Read more about the ISO27001 requirements here.
ISO 9001 – Constantly managing & improving quality
The ISO 9001 is all about quality. This norm defines how a company should define and follow a quality management system (QMS). This system contains all Ecochain’s policies, business processes, and procedures for creating and delivering our services.
Its purpose: A guide on how we maintain quality in all our outputs. Controlling and ensuring all our processes are performed and applied consistently. With the goal to provide consistent quality for our customers- but also a good work environment for employees. Any issues or improvement opportunities that rise up, are implemented in the QMS for continuous improvement.
For example, the ISO 9001 covers:
- How we monitor customer satisfaction (NPS) and improve customer feedback and complaints;
- How we deliver our services, from first contact to signing a contract and from a signed contract to the invoicing of the services;
- How we manage our resources, including human resources and our work environment;
- How we realize our software developments, from design to delivery;
- How we measure, analyze, and improve our QMS through organizational activities. E.g. internal audits, and corrective & preventive actions.
- And many more aspects. Read more about the ISO 9001 requirements here.
What does being ISO certified mean for Ecochain’s customers?
By committing to these ISO’s, we ensure our customers can rely on us because:
- We continuously improve our services;
- We take customer feedback seriously;
- We evaluate business & IT risks and implement controls to address these, hence reducing the likelihood of impactful security or quality breaches;
- Security & quality are part of our company values. We established a company culture where quality & information security are openly discussed on a daily basis. And where issues are addressed.
- Security & quality governance is addressed in our company strategy.
Any questions about our ISO certification? Security- and quality-related issues and questions can be directed directly to Roel Drost (COO) via security@ecochain.com.