ISO 27001 Certification

ISO/IEC 27001 specifies requirements for the establishment, implementation, monitoring and review, maintenance and improvement of a management system – an overall management and control framework - for managing an organization's information security risks. It does not mandate specific information security controls but stops at the level of the management system.

Bringing information security under management control is a prerequisite for sustainable, directed and continuous improvement. An ISO/IEC 27001 ISMS therefore incorporates several Plan-Do-Check-Act (PDCA) cycles: for example, information security controls are not merely specified and implemented as a one-off activity but are continually reviewed and adjusted to take account of changes in the security threats, vulnerabilities and impacts of information security failures, using review and improvement activities specified within the management system.

As part of the ISO/IEC 27001 process, BSI, a leading global provider of standards, management systems, business improvement and regulatory approval information, performed on-site assessments, examined RenewData's documented procedures, and audited its overall operations. To determine continued compliance with ISO/IEC 27001, BSI will periodically conduct routine surveillance audits of RenewData's business operations to ensure that the information security controls that have been put in place continue to meet the organization's information security needs on an ongoing basis.

As one of the first providers of eDiscovery and Review Solutions to earn this certification, RenewData continues to demonstrate our commitment to continually meet the industry's most stringent security standards for the benefit of our clients and keeping their data secure.