News
3
min read

Why we pursued ISO 27001 certification

Published on
August 1, 2022
Author
Paul Vavich
for GovConnex Research
Before GovConnex Research is published here, it's sent exclusively to GovConnex Platform subscribers.

What is ISO?

ISO 27001 is a certification issued by the International Organisation for Standardisation (ISO). It contains a set of high level technological and human standards for handling information securely.

The three key principles of the ISO 27001 certification are:

  • Confidentiality - information is classified and only disclosed to authorised stakeholders
  • Integrity - information is accurate
  • Availability - information is accessible when required

Together, these principles ensure that all customer information that GovConnex holds is secured to a high international standard.

Why is it important?

You are only as secure as your weakest link. The certification not only keeps our development team accountable, but it ensures that our organisation has the tools and processes across the entire organisation to continue to take action and improve our security posture.

Trust is critical, and while our data security procedures were already at the highest standard, it was important to get our processes certified by an independent third party; Particularly while the company scales.

Certifications like the ISO 27001 are essential when providing company data to third parties. By pursuing this certification a range of businesses that have desired a GovConnex subscription but have been held back by internal compliance policies can now sign up to the platform.

What it means for our customers

ISO 27001 verifies the trust our customers already have in GovConnex. However, it will also allow certain customers to upgrade their subscriptions to include our GRM (Government Relations Manager).

Some of the steps we took

ISO 27001 applies a strong security lifecycle across all technology assets. However, importantly it also verifies that physical and human assets are equally as secure. To achieve this, the entire team at GovConnex undertook extensive security training.  Security controls were put in place across both IT infrastructure and employee devices to ensure they met the compliance standard. 

The entire IT infrastructure was reviewed by a third party to ensure best practice was a reality across the entire stack. Along with a suite of policies and processes which will be used across the company to enforce strong security practice.

Our security team will continue to periodically audit our compliance. Importantly, ISO 27001 is renewed annually. As such, customers can be certain that GovConnex will continually be compliant to these high global standards.

Paul Vavich is the Chief Technology Officer at GovConnex.

Subscribe to newsletter

Subscribe to receive the latest insight, research and analysis to your inbox.

By subscribing you agree to with our Privacy Policy.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Research
15
min read

2023 Federal Budget Summary

Everything you need to know about the 2023 Australian federal Budget.
Research
5
min read

2023 Australian Federal Budget Announcement Tracker

Track all the key policy announcements in the lead up to the May 9 Australian federal budget.
Insight
2
min read

2023 NSW Election Preview: Webinar

The New South Wales election is coming up on Saturday 25th March 2023. Become an expert on the race and leave with tangible tips you can action as a public affairs professional.
Research
2
min read

2023 New South Wales Election Power Rankings

2023 New South Wales Election Power Rankings

Want to explore more?

Sign up to see GovConnex in action

Subscribe
Join our newsletter to receive research, analysis and insight.
By subscribing you agree to with our Privacy Policy and provide consent to receive updates from our company.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.