ISO/IEC 27001

A specification for an information security management system (ISMS)

An ISMS is a framework of policies and procedures that includes all legal, physical and technical controls involved in an organisation's information risk management processes. TechnologyOne acquired this in 2011 to create a global policy framework that enabled us to include security as part of the design process. It demonstrates that we are following international best practice to mitigate threats.

ISO/IEC 27001 requires that management:

  • Systematically examine the organisation's information security risks, taking account of the threats, vulnerabilities, and impacts;
  • Design and implement a coherent and comprehensive suite of information security controls and/or other forms of risk treatment (such as risk avoidance or risk transfer) to address those risks that are deemed unacceptable; and
  • Adopt an overarching management process to ensure that the information security controls continue to meet the organisation's information security needs on an ongoing basis.

Our accreditations

PCI Compliance Information

Contact Us Agent - TechnologyOne

Have a question?

If you would like more information, we are here to help.