We are proud to announce that we have achieved the Global Standard in Information Security Management System Certifications with our recent ISO 27001 certification.
The ISO 27001 certification, along with our existing SOC 2 Type II, demonstrates AEG’s strong commitment to deliver the best practices in security controls, information technology and cybersecurity to our clients and their customers.
Many of AEG’s client are highly regulated utilities, Federal and Provincial agencies, and implementation partners. These clients trust AEG with their sensitive data, and with this additional certification, they can be confident in how AEG handles, stores, and secures their data on our systems, including the industry leading DSM tracking and reporting solution, VisionDSMTM.
Ever growing state, federal, and international legislation and privacy laws like GDPR have highlighted the increasing attention paid to data protection. Companies using our Vision solutions or consulting services, need guarantees that their data will be managed and secured using methods conforming to formal, globally recognized processes. Increasingly, certified approaches to data security are a prerequisite for solution and service adoption.
Certification of AEG’s ISMS means our clients can expect systematic and ongoing management of information security risks that can affect the confidentiality, integrity, and availability of corporate and customer information. Implemented controls include security-by-design product development, data encryption, vulnerability management, business continuity and disaster recovery plans, and much more.
The global standard for information security is ISO/IEC 27001:2013. Published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), this standard sets more than 100 requirements for the creation of a comprehensive information security management system, or ISMS. These requirements are related to the physical security of facilities, software product security (from development to delivery environments and processes), financial information, intellectual property, HR processes and personnel, and management’s commitment to security work.