News
3
min read

Why we pursued ISO 27001 certification

Published on
August 1, 2022
Author
Paul Vavich
for GovConnex Research
Before GovConnex Research is published here, it's sent exclusively to GovConnex Platform subscribers.

What is ISO?

ISO 27001 is a certification issued by the International Organisation for Standardisation (ISO). It contains a set of high level technological and human standards for handling information securely.

The three key principles of the ISO 27001 certification are:

  • Confidentiality - information is classified and only disclosed to authorised stakeholders
  • Integrity - information is accurate
  • Availability - information is accessible when required

Together, these principles ensure that all customer information that GovConnex holds is secured to a high international standard.

Why is it important?

You are only as secure as your weakest link. The certification not only keeps our development team accountable, but it ensures that our organisation has the tools and processes across the entire organisation to continue to take action and improve our security posture.

Trust is critical, and while our data security procedures were already at the highest standard, it was important to get our processes certified by an independent third party; Particularly while the company scales.

Certifications like the ISO 27001 are essential when providing company data to third parties. By pursuing this certification a range of businesses that have desired a GovConnex subscription but have been held back by internal compliance policies can now sign up to the platform.

What it means for our customers

ISO 27001 verifies the trust our customers already have in GovConnex. However, it will also allow certain customers to upgrade their subscriptions to include our GRM (Government Relations Manager).

Some of the steps we took

ISO 27001 applies a strong security lifecycle across all technology assets. However, importantly it also verifies that physical and human assets are equally as secure. To achieve this, the entire team at GovConnex undertook extensive security training.  Security controls were put in place across both IT infrastructure and employee devices to ensure they met the compliance standard. 

The entire IT infrastructure was reviewed by a third party to ensure best practice was a reality across the entire stack. Along with a suite of policies and processes which will be used across the company to enforce strong security practice.

Our security team will continue to periodically audit our compliance. Importantly, ISO 27001 is renewed annually. As such, customers can be certain that GovConnex will continually be compliant to these high global standards.

Paul Vavich is the Chief Technology Officer at GovConnex.

Subscribe to newsletter

Subscribe to receive the latest insight, research and analysis to your inbox.

By subscribing you agree to with our Privacy Policy.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Resource
2
min read

New Zealand Parliament 2023 Sitting Date Calendar

Calendar invite links for New Zealand Parliament's 2023 sitting dates.
Resource
2
min read

Australian State and Federal Parliament Sitting Date Calendars 2023

iCal/ICS/Google Calendar/Outlook Calendar invite links for all Australian state and federal parliament sitting calendars.
Webinar
1
min read

NFPs and for-purpose organisations: Essential government relations tips for 2023

Get ready for 2023 and boost your government relations capabilities at our webinar co-hosted with Paul Ramsay Foundation.
Resource
2
min read

Australian Federal Parliament 2023 Sitting Dates Calendar

iCal/Google Calendar links for the Australian Federal Parliament's 2023 sitting dates.

Want to explore more?

Sign up to see GovConnex in action

Subscribe
Join our newsletter to receive research, analysis and insight.
By subscribing you agree to with our Privacy Policy and provide consent to receive updates from our company.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.