Onix has achieved ISO 27001 certification for its Information Security Management System (ISMS) by demonstrating conformance to its documented ISMS requirements comprising technical and organizational security controls. Marcum RAS, LLC issued the three-year certificate.
ISO 27001 requirements are set forth by the International Organization for Standardization and the International Electrotechnical Commission. ISO 27001 provides an international standard and methodology for how organizations should implement, manage and maintain information security for software, people and processes. The standard was first released in 2005 and updated in 2013.
To receive this certification, Onix invested significant effort into maturing all aspects of its information security program to meet the high bar set by the ISO 27001 standard. A cross-functional team representing all functional areas of Onix’s business collaborated in developing appropriate controls. The audits reviewed company documentation and testing of conformance of Onix’s ISMS with ISO 27001.
The certification is valid for three years, but in years two and three, Onix will undergo surveillance audits to ensure the scope of its ISMS program is consistent with the original certification and that it is showing continuous improvement of its ISMS. The audit also will validate if ongoing monitoring procedures are in place.
Onix CEO and President Tim Needles noted this new ISO 27001 certification reflects the company’s commitment to providing the highest level of security and continuous improvement to those offerings, particularly because the company has a multinational customer base as a top cloud consultancy.
“We started down this ISO path several years ago and are pleased to see it come to fruition,” Needles said. “This is a huge step forward for Onix, and we believe it differentiates us from many of our competitors in the cloud computing space. We have a certified security framework that protects not just our organization but our customers. We take their security and data security exceedingly seriously.”