Agiliway completes ISO 27001:2022 certification

Agiliway has successfully completed ISO 27001:2022 certification which stands as proof of the company’s Information Security Management System being compliant with the most recent international regulations.

Our News

Agiliway has successfully renewed its ISO 27001 certification from 2013 to the latest ISO 27001:2022 standard. The 2022 version introduced several significant changes, with some provisions of the 2013 version being edited or merged.

Below are provided a few of the most fundamental updates introduced to ISO 27001:2022 if compared to the 2013 version:

• ISO 27001:2022 adopts the Annex SL high-level structure,
  which is a common framework for ISO management system standards. This makes it easier to integrate with other standards like ISO 9001.
• The 2022 version emphasizes the organization’s
  needs and expectations of the parties bound by contractual obligations. This helps better align the ISMS with the business strategy.
• Although the 2013 version
  also required risk assessment and management, the 2022 version provides more detailed guidance and focuses more on risk assessment, how to avoid them, and what threats they carry.
• The 2022 version
  requires a company’s TOP executives to participate more in promoting and supporting the ISMS.
• Annex
  A has been updated with a control set to reflect up-to-date information security practices and emerging threats. Some controls have been merged or restructured, and new controls have been added. For example, controls related to cloud security, threat intelligence, and data leakage prevention have been included or updated.
• The concept of continual improvement has also become central in the 2022 version.
  This way the ISMS remains effective and responsive to changing threats and opportunities.
• There is a stronger focus on monitoring, measurement, analysis, and evaluation.
  The 2022 version requires organizations to evaluate the performance and effectiveness of the ISMS more carefully.
• Data security objectives
  are now required to be more specific, measurable, achievable, and relevant, ensuring that they align with business goals and simpler progress assessments.
• Increased emphasis on managing information security
  within the supply chain, recognizing the risks posed by third-party vendors and partners.

These updates show how quickly the tech industry is changing with a vast number of information security threats appearing daily. Organizations are expected to adopt a more integrated approach to managing information security, considering all the risks.

The Agiliway team is proud to be able to deliver high-quality solutions to our clients and meet the strict security and quality management regulations. The certificate can be provided

Our News