Mida is proud to officially announce its ISO 27001 certification, recently issued by DNV GL, one of the leading global auditors, which since 1864 has helped enterprises in more than 100 countries to increase the security and sustainability of their business activities.

Alongside ISO 27001, we also renewed our ISO 9001 certification, which confirms the quality of our management processes.

 

ISO 27001 in a nutshell

ISO 27001 is the international standard that sets out the standards and requirements to be met to implement an Information Security Management System (ISMS). According to the ISO 27001 international guidelines and best practices, companies must implement a framework of processes, policies, procedures, and technologies in order to securely handle and monitor information and cope efficiently with potential risks.

 

Why ISO 27001 is a must-have 

During the certification process, an external auditor performs a series of legal, technical and physical checks on all areas of the company (digital and physical documentation, hardware and software, and personnel skills). This comprehensive audit assesses whether it is necessary to increase data protection on all company assets. All internal and external risks, cyber and non-IT, are assessed according to the current ISO 27001 requirements to obtain a comprehensive and central view of corporate security.

 

This certification process mainly helps to:

  • identify security vulnerabilities and threats that companies need to be aware of;
  • increase resistance to technological and non-technological attacks and understand how to respond to the most common threats;
  • provide a central and unified management structure for information security to improve protection.

 

Mida ISO 27001 certification

The ISO 27001 certification is a great achievement for us, as we have always dedicated great attention to the protection of information. This certification proves that information is always protected in all our processes and that data categorized as confidential is accessible only to a limited number of stakeholders: only authorized Mida employees have access to this information, and a technical protection process against computer fraud is in place.

During the certification process, no non-conformities were detected and DNV GL stated that no follow-up audits were necessary. The audits highlighted Mida’s strengths in this area:

  • high awareness of the employees interviewed on data protection issues;
  • use of tools for analysing the vulnerability of systems to avoid risks;
  • willingness to increasingly integrate data management systems.

 

Check Mida’s ISO 27001 Policy or talk to us if you want more details on how we are committed to protecting the security of our information and that of our customers.