The ISO/IEC 27001 is a leading international standard that is focused on the information security established and maintained by organizations. The standard was originally published jointly by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) in 2005 and then revised in 2013.

The standard provides details on the requirements for establishing, implementing, maintaining and continually improving the Information Security Management System (ISMS) of the organization. The ISMS is a set of rules that are in the form of policies and procedures that are established by the organization to:

• Identify stakeholders and their expectations in terms of information security

• Identify which risks exist for the information

• Define controls and other mitigation methods to meet the identified expectations and handle risks.

• Set clear objectives on what needs to be achieved with information security.

• Implement all the controls and other risk treatment methods.

• Continuously measure if the implemented controls perform as expected.

• Make continuous improvement to make the whole ISMS work better.

Vretta has successfully met all the requirements of the ISO/IEC 27001 standard and has been externally audited by an accredited auditor. We received our ISO 27001 certificate on August 04, 2020.

“Vretta’s compliance with the ISO/IEC 27001 standard reinforces our commitment to our Information Security Management System, including the confidentiality, integrity, and availability of information to only authorized individuals.” says Zach Williams, Director of Technology at Vretta. He adds “achieving the ISO/IEC 27001 certificate assures our partners of our continued investments in establishing and maintaining the highest level of security and compliance for the delivery of our e-assessment and learning solutions.”

To learn more about how Vretta is maintaining the security and integrity of our solutions, email info@vretta.com.