Tuesday, November 1, 2016

ISO 27001 Certification? Done!


Well, we did it.  We got our ISO 27001 Certification.

Now that we've gone through the entire process and have the proof of it I can say this: I knew we were doing Thinge Data Security right already and for us it was essentially an exercise in verification.

That's not to say it was easy.  We updated all of our policies.  We updated existing tools to help us better monitor our own internal activity.  Our entire team spent extra time on many tasks.  We engaged four different vendors and went through several multi-day audits.  In addition to the significant investment of our time, we spent a significant amount of real money.

We were in an excellent place when we started the process but I can honestly say that we're in a better place now that we've gone through the process.

So.  Thrilled that we did this.  Looking forward to what comes next.

The Give Back To The Community: Anyone in the XPages community who would like advice on the process based on our own experience, just ask me.  I'm happy to share.