CoreLogic – Symbility
CoreLogic | Symbility creates a wide range of products that bring smarter thinking to the world of property insurance claims. Designed to work easily and seamlessly with one another, all helping to make your claims process easier, faster, and more efficient for everyone involved.
Why did you choose to get certified against
ISO/IEC 27001, ISO/IEC 27701, ISO/IEC 27017,
ISO/IEC 27034 and ISO/IEC 22301?
The ISO/IEC 27000 series are legislation agnostic, risk-driven and work for organizations of all types, sizes and industries. With international operations, ISO/IEC certifications allow us to best leverage our certifications. In addition, the ISO/IEC series contains standards, recommendations and guidelines, which can be easily combined for the need of an organization.
For instance, ISO/IEC 27701:2019 is a privacy extension to ISO/IEC 27001:2013 which is legislation agnostic. Each control is defined for the need of an organization. A risk can be addressed by adding new controls from related standards; ISO/IEC provides a framework for developing, implementing and maintaining measures while allowing us to personalize based on several international requirements. When selecting our certifications, we considered our stakeholders, our mission and values.
As a software development company and SaaS provider on which our client rely to process their policyholder data, we addressed information security, information privacy, secure software development, cloud security and business continuity.
What are the main benefits of your company after implementation and certification against ISO/IEC 27001, ISO/IEC 27701, ISO/IEC 27017, ISO/IEC 27034 and ISO/IEC 22301?
One of the key benefits of a certification is that it results in the implementation of risk management and continual improvement mechanisms that allow the organization to take better decision with a better flow of information. The Personnel is provided with instructions to perform their roles and responsibilities in accordance with relevant best practices, which allow them to have a better sense of our expectations. There is less ambiguity and reporting becomes easier, as security metrics can be identified and measured over time. It opens doors to threat intelligence, historical, and predictive analysis which provides management with a much better data visualization reporting, and even the use of AI-driven cybersecurity tools. Getting organized and moving by incremental improvements to address key risks, while also handling resources, are managing skills that can be reached through discipline. Certifications help us maintain this discipline, and prove it to our clients.
Certifications improve the speed and efficiency of the procurement process. Our clients are able to rely on independent audits to ensure that a minimal standard is in place, and legal counsels also can rely on these certifications rather than extensive provisions. We believe certifications are a mean to generate trust with our clients. Implementing these managing systems also allow for an overall better governance approach, including here the control over risks. Our organization has shifted towards a much more preventive than reactive mode, in alignment with many legislations.
About your experience with MSECB
The experience with MSECB has been extremely positive. Indeed, we planned and carried out the various audits in a way, which made it possible not to disturb unduly the operations of the company. Feedback from the interviews conducted was constant and formalized on a daily basis. The reports of the various certifications were validated before the final delivery of the documents and the final versions filed without any delay. MSECB acted in this context like a business partner.
“MSECB immediately responded to any request and was instantly available to offer their help and support. They have a good understanding of customers’ needs and excellent client orientation.”
“DAZN had an excellent experience with MSECB. The auditors were well prepared, with a high degree of knowledge of the ISO/IEC 27001 standard.”
“The high professionalism of the auditors and back-office employees, prompt assistance and excellent quality made our choice very simple. We are sure that when we chose MSECB we made the right choice.”
“The experience was rigorous and educating. The customer service is top notch.”
“Auditing by MSECB was a fantastic experience. The Auditor was very professional throughout the audit process and we are glad we chose MSECB as our certification body.”
“Our journey to ISO/IEC 27001 certification was surprisingly straightforward. Our auditors explained the process in advance, and we were able to meet the proposed schedule, which was much appreciated.”
“We had a great audit and are excited that we passed the assessment. The auditor was well experienced and MSECB
provided required support.”
“Everyone knows that an audit is not an easy process, and MSECB made it smooth. The MSECB team was very responsive, and all the answers to our questions were very clear and helpful.
We also felt that our company and our needs and ways of working were well understood. All the suggestions for improvement made perfect sense for us and were easy to put in place and get the buy-in of our employees”
“Protecting our customers and enhancing quality management has always been a priority for BIOS Middle East. Achieving ISO 9001, ISO/IEC 27001, ISO/IEC 27017, and ISO/IEC 27018 certifications provide independent assurance of our commitment to leverage the latest best practices and security controls around all our services.”
“It is important for an organization to get ISO 9001:2015 certification, to achieve efficiency in service delivery, and attain maximum customer satisfaction.”
“The ISO 9001:2015, ISO 45001:2018, and ISO 14001:2015 certifications are mostly a pre-requisite to participate in most major International EPC Tenders of large multi-national & government projects and very crucial in winning large clients. Following the decision to scale the business outside of Ghana, it was imperative that we get ISO certified.
The process has ultimately allowed us to boost the quality of our work/services, increase the satisfaction of our customers, and enhance the productivity and operational efficiency with the hope that it will set us apart from our competition.”
“By achieving ISO/IEC 27001 Tr3dent demonstrates commitment to provide our customers and partners with a level of information security conformity that meets the highest industry standards and secures our clients’ data accordingly.”
“Vision 2030 has been inspiring us to achieve an unprecedented step in the field of cybersecurity in line with the Kingdom’s aspirations to be one of the best cybersecurity leaders in the world.
Following our successful certification against ISO/IEC 27001:2013 and ISO 22301:2019, we consider ISO/IEC 27032:2012 certification as an additional step towards the achievement of our strategic goal to integrate the highest standards of cybersecurity and information security procedures.”
“Security within an organization belongs to everyone, and it requires the full effort of a team. Being audited and having conformity with the requirements for ISO/IEC 27001 and ISO/IEC 27701 certifications was and remains to be an opportunity to reinforce our commitment to data privacy and security not only for the customers and partners we serve, but in our company-wide culture.”
“Not only is ISO 13485 Certification a validation of the high standards that Sisu Global follows in our quality procedures to ensure a safe product, but it has also been critical in our expansion. ISO 13485 is recognized as a global standard and being certified with this standard, has opened up new global markets for our novel autotransfusion device, Hemafuse.”
“For us at Viseven, the ISO/IEC 27001 certification is a staple of corporate responsibility: it confirms our compliance with our customers’ information security requirements, as well as those of applicable legislation, all of which is engrained in our corporate DNA as part of the digital culture as a tech company.”
“The ISO 37001 certification process has been a starting point to drive organizational change and redefine trust within the company, as well as a good opportunity to provide extensive anti-bribery training to employees.”
“ISO/IEC 27001: To become more productive and ensure information security effectiveness.”
“By achieving ISO 9001 and ISO/IEC 27001 certifications, ELEKS has shown its commitment to quality and information security, ensuring that all the necessary controls are in place, and that its people, the technology, and their processes have met the requirements of these standards. The certifications assure clients and partners that ELEKS prioritizes robust quality, security and reliability in its delivery and management processes.”
“Being a leading pure cyber security company, we had to comply with high standards of information security and quality to strengthen our corporate responsibility and sustainability. The ISO/IEC 27001 and ISO 9001 certifications allowed us to raise our trustworthiness and reliability vis a vis our stakeholders as a cyber security service provider of reference in the region.”
“For Alter Domus, achieving ISO/IEC 27001 and ISO 22301 certification demonstrates to our customers and all interested parties that our information security and business continuity management systems operate to the highest industry standards.”
“Achieving ISO/IEC 27001:2013 certification further strengthens the deep trust we have built with our customers and partners, as well as further protecting our brand and enhancing our operations.”
“In one hand, MSECB customer service team proved their values by being really professional and keen on their approach. They were always ready and willing to support us with any clarity related to MSECB services. On the other hand, MSECB auditor/s showed a great maturity and competence at handling the entire certification audit process independently end-to-end. We highly recommend you to consider MSECB as your certification body so you can live a great experience”
“Certifications enable accountability by aligning technology, processes, and people to respond to imperatives regarding governance, risk, and compliance – or in other words, they demonstrate our trustworthiness through the lenses of an independent third party.”