News
3
min read

Why we pursued ISO 27001 certification

Published on
August 1, 2022
Author
Paul Vavich
for GovConnex Research
Before GovConnex Research is published here, it's sent exclusively to GovConnex Platform subscribers.

What is ISO?

ISO 27001 is a certification issued by the International Organisation for Standardisation (ISO). It contains a set of high level technological and human standards for handling information securely.

The three key principles of the ISO 27001 certification are:

  • Confidentiality - information is classified and only disclosed to authorised stakeholders
  • Integrity - information is accurate
  • Availability - information is accessible when required

Together, these principles ensure that all customer information that GovConnex holds is secured to a high international standard.

Why is it important?

You are only as secure as your weakest link. The certification not only keeps our development team accountable, but it ensures that our organisation has the tools and processes across the entire organisation to continue to take action and improve our security posture.

Trust is critical, and while our data security procedures were already at the highest standard, it was important to get our processes certified by an independent third party; Particularly while the company scales.

Certifications like the ISO 27001 are essential when providing company data to third parties. By pursuing this certification a range of businesses that have desired a GovConnex subscription but have been held back by internal compliance policies can now sign up to the platform.

What it means for our customers

ISO 27001 verifies the trust our customers already have in GovConnex. However, it will also allow certain customers to upgrade their subscriptions to include our GRM (Government Relations Manager).

Some of the steps we took

ISO 27001 applies a strong security lifecycle across all technology assets. However, importantly it also verifies that physical and human assets are equally as secure. To achieve this, the entire team at GovConnex undertook extensive security training.  Security controls were put in place across both IT infrastructure and employee devices to ensure they met the compliance standard. 

The entire IT infrastructure was reviewed by a third party to ensure best practice was a reality across the entire stack. Along with a suite of policies and processes which will be used across the company to enforce strong security practice.

Our security team will continue to periodically audit our compliance. Importantly, ISO 27001 is renewed annually. As such, customers can be certain that GovConnex will continually be compliant to these high global standards.

Paul Vavich is the Chief Technology Officer at GovConnex.

Subscribe to newsletter

Subscribe to receive the latest insight, research and analysis to your inbox.

By subscribing you agree to with our Privacy Policy.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Research
10
min read

Asia-Pacific: State of Play

Everything you need to know about the state of our region
Insight
3
min read

Who are Australia’s major think tanks?

Getting to know Australia’s major think tanks.
Webinar
1
min read

Webinar: First 100 days of Labor for Government Relations

Featuring Former NSW Labor Premier Nathan Rees. Come along to understand the post-election landscape and learn top tips on how to work within the new Government environment.
Research
5
min read

The New Prime Minister of the United Kingdom

Get to know Liz Truss & Rishi Sunak, including an analysis of their policy differences and likely relation with Australia.

Get started today

Join the leading organisations and upgrade your government affairs workflow with the most advanced software suite.

Subscribe
Join our newsletter to receive research, analysis and insight.
By subscribing you agree to with our Privacy Policy and provide consent to receive updates from our company.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.