As of June 2022, TASConnect has successfully obtained the ISO 27001:2013 certification for the company’s Information Security Management System during its first year of commercial operations. In conjunction with the ISO team, TASConnect formulated, reviewed, and approved a predefined set of ISO27001 compliant policies as well as underwent a detailed audit process before finally receiving the certification.
As TASConnect plays a crucial role in seamlessly integrating into a client’s complex workflow and supply chain ecosystem, as such data privacy and cybersecurity are the utmost priority to establish trust and reliability with the clients. ISO 27001 certification demonstrates TASConnect’s commitment and ability to effectively implement and maintain a safe, secure, and resilient Software-as-a-Service platform, which ensures a high-degree of confidentiality, integrity, and visibility of critical data assets for clients.
To maintain the high security control standards, TASConnect routinely conducts Cybersecurity Governance Forums to regularly review the statuses of all in-scope controls. Compliance and adherence to the policy set is thus reviewed efficiently, and action items are tracked to closure in a timely manner.
Progressively, TASConnect will look to increase the review items through an automated dashboard to ensure reliability and further streamline the process. This ensures that the Technology Risk policy set is kept up to date as the organisation continues to evolved and mature.
About ISO27001:2013 Certification
ISO 27001 is one of the world’s best-known and the only auditable international standard that defines the requirements of an information security management system (ISMS). ISO 27001:2013 specifies the cyber security requirements for the continuous management and improvement of the organization’s ISMS. This includes the assessment and handling of information security risks pertaining to the nature of the organization.
Source: ISO/IEC 27001:2013