
The Kyriba Application Receives ISO 27001 Certification

By Kevin Bailey
CISO, Kyriba

We are pleased to announce the Kyriba application has received its ISO 27001 certification.

Kyriba has demonstrated that it has the people, processes, systems, and infrastructure to protect data properly and to provide customer assurance under the ISO 27001 certification, as granted by Schellman and Co., a certified ISO 27001 auditor.

Global Standard

ISO/IEC 27001 is a globally recognized framework designed for any system that contains sensitive information. Kyriba has selected this framework to manage security through an information security management system (ISMS) in order to keep customer data safe and, as the leading cloud fintech, to maintain its commitments to customers to protect their sensitive financial information.

This certification is a valuable compliance framework with ample controls and processes to address the numerous security breaches in the industry, the vast amount of regulatory and compliance requirements for information security targeted to the systems in the financial market, and customer expectations and assurances for information security.

The ISO 27001 certification provides many benefits to minimize risk and maintain international regulatory standards:

  • A risk management framework to address evolving risks and provide treatment plans for them
  • An approach to maintain confidentiality, integrity, and availability of the system
  • Improved management processes and oversight throughout all business departments
  • Increased reliability, resiliency, and overall security
  • Alignment with customer expectations and their risk strategies

Kyriba is committed to maintaining the ISO 27001 certification and ISMS for its global customers, in addition to our SOC1 / SOC2, SWIFT AL2, and SWIFT Service Bureau audit certifications.

About ISO 27001

ISO 27001 is an internationally recognized certification process verifying the implementation and effectiveness of 114 specific information security controls as defined by the International Organization for Standards (ISO). An ISO 27001 certification requires the organization to demonstrate that it has a working Information Security Management System (ISMS) that mitigates risk by implementing controls through processes, policies, or systems, across departments and staff. The ISMS is a complete system for assuring information security, and organizations achieving this standard have demonstrated, at the very least, a solid system for managing their information security.

Maintaining this certification requires two annual audits to review the processes and controls of the ISMS. The first is called the Internal Audit, and despite the name, Kyriba engages an independent, certified third-party auditor to conduct this review. The second is the certification audit, for which Kyriba enlists the services of Schellman & Company.
