Information Security Certification for ORTEC Routing Products

Companies are recognizing that information security-related items require attention and protecting data is of utmost importance. That is why it's ORTEC is proud to announce that Information Security Certification for ORTEC Routing Product (ISO-27001). Among the benefits of this certification include increased awareness of internal information security and the establishment of reasonable standards for the consistent execution of projects driven by policies and procedures, which ultimately results in higher accountability and better work quality.

DateApr 18, 2022

Benefits of Certification Go Beyond Increased Awareness of Internal Information Security

Security is a prominent part in everyone’s personal and professional lives. Companies are recognizing that information security related items require attention and protecting data is of utmost importance.

ISO-27001 is an international standard for Information Security that describes on how to setup, implement, monitor, maintain and audit an information security system. The primary focus is the protection of confidentially, integrity and availability of data (CIA) through policies, procedures and measurements without negatively impacting productivity. Measurements could either have a technical nature like secure login, access restrictions, an organizational nature with policies, procedures, roles, and asset registration, or a physical nature such as electronic locks, badges, etc.

Originally, ORTEC was certified in the Netherlands for its Workforce Scheduling products. Last year, ORTEC corporate leadership decided to extend the certification to routing products offered in the United States, the Netherlands, Belgium and Romania. To accomplish this goal, a multi-disciplinary team was formed to identify, review, define and implement information security controls, including policies and procedures for the execution of projects, Human Resources (HR) activities and Facilities security.

The first step was to perform a risk assessment to identify information security key areas of risk, establish feasible controls to mitigate such risks and inform any other challenges in need of close monitoring. Additionally, the risk assessment was intended to provide insights for the management of security best practices and demonstrate a strong control environment of vulnerabilities in the security space.

Subsequently, after successful completion of an internal review, management engaged an independent party to perform an audit to validate whether project implementation practices, Human Resources protocols and Facilities security were compliant with ISO-27001 guidelines as well as established policies and procedures were adhered to. This independent audit was conducted at the Atlanta office in Q4 2021, while the technology team in the Netherlands and customer support and SaaS Operations teams in Romania were audited concurrently. During beginning 2022, ORTEC had officially received the ISO-27001 certificate.

The benefits of this certification reach far beyond that of increased awareness of internal information security. It also establishes reasonable standards for the consistent execution of projects driven by policies and procedures, which ultimately results in higher accountability and better work quality.

For more information about this article, please reach out to your account manager.