We are now ISO 27001 Certified!

We take the safeguarding of your personal data seriously and devote our utmost attention to guaranteeing its security and protection.

KanbanBOX successfully renewed the ISO/IEC 27001 Certification

The certification, first obtained on August 26, 2022 with the version ISO/IEC 27001:2013, has been renewed following the latest version of the standard, ISO/IEC 27001:2022, and can be verified on the website of Accredia, the Italian accreditation body.

 

https://www.iafcertsearch.org/

 

ISO/IEC 27001 gives guidelines for organizational information security standards and information security management practices. It includes selecting, implementing, and managing controls considering the organization’s information security risk environment.

 

It’s the only auditable and certifiable international standard that defines the requirements for an information security management system (ISMS), giving a set of policies and procedures for systematically managing an organization’s sensitive data.

 

In particular, the certification specifies the requirements to set up, implement, use, monitor, review, maintain and improve a documented system within a risk context linked to the core activities of our organization.

 

The scope of the application is:

Design, development, provisioning, maintenance, and assistance of web services in SaaS mode (software as a service) for the Supply Chain of manufacturing and service companies.

The benefits of the ISO/IEC 27001 certification for our users

ISO certification benefits not only our organization but also all our customers and stakeholders. The ISO 27001 standard guarantees that KanbanBOX is a reliable partner and supplier, because:

  • it accurately protects personal and business data
  • it has put in place all possible procedures to protect information in terms of availability, confidentiality, and integrity
  • it has adopted the most appropriate technical and organizational measures for information security
  • it identifies, tracks, reduces, and controls information security risks
  • it applies the Deming cycle, a four-step management method (Plan – Do – Verify – Act) used for the control and continuous improvement of processes and products
  • it complies with all applicable laws and with the GDPR, the European Union regulation on personal data processing and privacy.