ISO 27001 Certification

Securing confidential student information has been the number one priority for Edsby from our inception more than 10 years ago. Consequently, we’re pleased to announce our company is now ISO/IEC 27001:2013 certified.

ISO 27001 is a global standard that helps organizations take a risk-based approach to reduce data threats and address vulnerabilities systematically based on global best practices.

Adhering to this standard means having a formal and comprehensive Information Security Management System (ISMS).

What is an ISMS?

An information security management system includes a comprehensive suite of policies and procedures that a company establishes to identify risks, define controls, and set clear expectations for their information security. The main objective of an ISMS is to protect the confidentiality, integrity and availability of the confidential information the organization manages.

What does it mean to be ISO 27001 certified?

An ISO 27001 certificate indicates we have requested and passed an audit conducted by an accredited certification body. This audit verifies our investment in the people, processes, and technologies responsible for protecting sensitive data.

This milestone entails a cultural shift for the company, and it comes as the culmination of a years-long and intensive process.

To achieve this certification, CoreFour, our company’s legal name, established security baselines and implemented detailed processes to protect sensitive data. Furthermore, the company continuously provides thorough awareness programs for the staff and assesses the effectiveness of risk management controls.

ISO 27001 certification is crucial for building cybersecurity and enables CoreFour to:

  • Anticipate, respond to, and recover from threats
  • Commit to continuously improving our core data management framework
  • Secure cloud and digital data in accordance with global best practices

Cyber risk exposure is a primary concern for all SaaS-based platforms. As CoreFour looks to the future, the fundamental matter is to keep challenging ourselves to improve our service and ensure the highest standards of security and data protection to exceed the needs and expectations of our customers.