The International Organization for Standardization (ISO) is an independent, non-governmental international organization with an international membership of 163 national standards bodies. The ISO/IEC 27000 family of standards helps organizations keep their information assets secure.
ISO/IEC 27001 outlines and provides the requirements for an information security management system (ISMS), specifies a set of best practices, and details the security controls that can help manage information risks.
Alohi is certified by an independent and impartial certification institute, EY CertifyPoint, through a series of surveillance and audits. The certificate validates that Alohi has implemented the guidelines and general principles for initiating, implementing, maintaining, and improving the management of information security.
The scope of the information security management system (ISMS) Alohi has gotten certified for is to ensure the protection of our customers’ data and applies to all stakeholder relationships with Alohi, including the people, processes and tools required to develop, support and maintain the services and products provided by Alohi.
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission) form the specialized system for worldwide standardization. The standard provides a framework for the management of information security risks and enables organizations to take into account their legal and regulatory requirements. ISO/IEC 27000 family of standards provides a framework for policies and procedures that include legal, physical, and technical controls involved in an organization’s information risk management processes.
We have established a risk assessment framework to identify, analyze, and evaluate risks, and treated the risk by implementing a risk treatment plan
applying controls. We have included the requirements for the assessment and treatment of information security risks tailored to the needs of the organization and the products it offers as part of the scope of the certificate.