Mindy Support Received ISO 27001:2013 Certification
Published date: 22.02.2021
Read time: 5 min
The ISO 27001 certificate is widely accepted as the standard for information security management systems (ISMS). Companies who have this certification offer a higher level of trust to their clients that they can be trusted to manage sensitive information such as financial information, intellectual property, employee details, and any other information entrusted by the client. Mindy Support was independently audited and passed the certification requirements and received the certificate from the issuing organization, Bureau Veritas Ukraine.
Mindy Support’s CEO, Evgenia Khimenko:
“One of the priorities of Mindy Support is making sure our clients and business partners feel confident while working with us. That’s why despite the absolutely crazy times in 2020, we managed to get ISO 27001:2013 certification which proves that our IT and Security infrastructure is strong and capable enough to meet the requirements of even the most demanding clients. In addition to this, it allowed us to increase the reliability and security of our systems and information within the company, increase business resilience and improve management processes and integration with corporate risk strategies. This is only a part of our comprehensive efforts to increase the efficiency of our company’s infrastructure. The next step is getting SOC 2 compliance which I believe is the right step to build trust and stronger relationships with our clients.”
Let’s take a look at some of the processes we put in place to get the certification.
An Independent Auditing Process
The process towards ISO 27001 certification begins with an independent audit, which is a systematic, independent, objective, and documented process for gathering facts. In fact, there are many audits that need to take place before a certificate can be issued. Such audits are designed to help companies identify areas for improvement, ensure that they have best practice processes in place, and keep their corporate information and data protected.
Some of the objectives of ISO 27001 certification include:
- Ensure that the company’s Information Security Management System (ISMS) is compliant with ISO 27001 standards
- Addressing any issues with the ISMS
- Identifying any potential improvements to the ISMS
In order to pass all of the audits, we needed to make sure that our ISMS was fully compliant with ISO’s requirements. In the next sections, we discuss some of the operations that we carried out to make sure our processes met the highest standards possible.
What Processes Were Carried Out to Ensure Certification?
One of the first things we needed to do was make sure that we had a documentation system in place which allowed us to take organizational measures and keep control of information security consistently. The documentation includes corporate policy, internal rules, and risk management. This would make sure that all of the client’s information remained secure. We already had a business continuity plan for unexpected circumstances (power cutoff, internet disconnection, etc.), accidents (fire, flood, windstorm, etc.), and any other circumstances that may harm business processes.
Additional processes that were carried out included:
- The integration of several technical measures to make sure the administrative ones are implemented without obstruction.
- Instructing employees on how to act in each situation and how to utilize information properly, identifying do’s and don’ts precisely.
- Revising the access levels to various types of information and making sure that data stays in the right hands.
Now that we performed all of the necessary internal processes, it was time for the actual audit.
The actual audit was held in 2020 and Bureau Veritas Ukraine informed Mindy Support that it successfully passed the audit. They also issued a certificate that certified that Mindy Support was in full compliance with ISO standards in terms of building and managing remote teams of specialists in the field of sales and marketing, customer support, processing and analysis of graphic images, text, audio and video data, data collection, order management, data entry, CRM Management, administrative support, invoice processing and billing, photo editing, content moderation.
Mindy Support is a Trusted Provider of BPO and Data Annotation Services
As the ISO audit has proven, Mindy Support has the necessary modern and high-quality corporate security management system. Above all, the certification confirms that the information of our suppliers, clients, contractors, and coworkers that we get and processes within Mindy Support are protected with strict measures that comply with the ISO 27001:2013 standards. This is why clients can be confident in choosing Mindy Support with their data annotation and BPO needs.