Zinc is ISO certified! We are pleased to announce that we have been awarded an ISO 27001:2013 certification. This is part of our ongoing journey to ensure that we always protect your data and keep it secure. We are proud to have achieved this certification, demonstrating our commitment to protecting the information of our clients, employees, and other stakeholders.
This means that we have implemented an Information Security Management System (ISMS), and this system complies with the requirements of the international standard. Effectively, the certification is concerned with how we manage security risks regarding the confidentiality, integrity, and availability of our information assets.
The certification scope is comprehensive and includes all aspects of our information security management, including risk assessment and treatment, environmental security, access control, network security, systems development and maintenance, business continuity management, and incident management. The certification is valid for three years, and we will undergo regular annual surveillance audits to ensure that we remain compliant with the standard. While this is celebratory news, we also wanted to highlight what this means for you as our valued clients and partners. You can be confident that we have the necessary processes and controls to ensure your information's confidentiality, integrity, and availability when in our care.
What is ISO/ 27001:2013?
ISO/27001:2013 is a set of international standards that covers information security management systems. Specifically, ISO 27001:2013 defines the criteria for building effective information security systems. It aids businesses in managing their information security by linking personnel, procedures, and technology.
An ISMS is a system that helps organisations to manage their information security risks. It includes procedures and policies that cover all aspects of information security, from risk assessment to incident management.
As part of the certification process, ISO/ 27001 requires that management:
- Examine the company's information security risks systemically, considering the dangers, flaws, and consequences
- Design and implement a comprehensive information security program that addresses any risks identified as unacceptable
- Ensure that the information security controls regularly to satisfy the organisation's information security needs by adopting an overall management approach
The certification to ISO 27001:2013 demonstrates that we have developed transparent, standardised processes to govern customer data. It also validates our commitment to adopting a transparent data security practice compliant with international data protection laws.
What does the ISO 27001:2013 certification mean for your organisation?
If you're a current Zinc customer, please contact your account manager if you have any questions about the ISO audit.
We received the certification as an external validation of our information security practices. The independent verification confirms data security controls have been implemented.
- Reduced risk of data breaches and cyber-attacks
- Stringent controls on how your data is accessed, used and stored
- Regular monitoring and improvement of our security practices to ensure we maintain reliable and secure systems
- Safeguarding sensitive employees and customer information
- Reducing the risk of data breaches by complying with international data protection laws
- Increased business resiliency and continuity in the event of an incident
Considering Zinc, but not a customer yet? The certification should give you peace of mind that we take information security seriously and have controls to safeguard your data. Please if you have questions about our ISO 27001:2013 certification.
A special thank you
A special thanks must go out to our partners,, who was able to speed up the process and offer their expertise along the way.
As a company, everyone at Zinc feels incredibly proud of the achievement. We look forward to continuing to serve you with the highest security standards. We take data security very seriously here at Zinc and will continue to invest in our systems and processes to maintain the highest standards.
If you have any questions about our ISO 27001:2013 certification or want to know more about our commitment to data security, please don't hesitate to contact us.