We’re proud to announce that Signifyd has been recommended for ISO 27001 certification, underscoring our commitment to security and compliance.
ISO 27001 is an internationally recognized information security standard which takes a risk-based approach to the security of data. Successfully completing the ISO 27001 audit means Signifyd meets the international standard’s stringent requirements for establishing, implementing and maintaining an Information Security Management System (ISMS). The purpose of an ISMS is to consistently maintain and continually improve confidentiality, integrity and availability of information assets, such as customer data, human resource data, intellectual property and financial data.
Additionally, Signifyd has demonstrated that it has put in place effectively designed operating controls for each of the 14 control sets in the standard, including:
- Information Security Policies
- Organization of Information Security
- Human Resource Security
- Asset Management
- Access Control
- Physical and Environmental Security
- Operations Security
- Communications Security
- System Acquisition, Development and Maintenance
- Supplier Relationships
- Information Security Incident Management
- Information Security Aspects of Continuity Management
The recommendation for ISO 27001 certification adds to Signifyd’s already significant industry standard compliance achievements, including SOC 2 Type II, PCI DSS and PCI 3DS2. Those achievements, combined with Signifyd’s conformance with multiple data privacy regulations — including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) — mean Signifyd’s customers can rely upon our dedication to safeguarding a global data footprint. For more information regarding Signfyd’s Security & Compliance Programs, including audit report requests, please visit Signifyd’s Security & Compliance webpage.