Zaizi Ltd, an award-winning open source software consultancy, has achieved certification of its information security management systems (ISMS) to ISO 27001 with Bureau Veritas.
ISO/IEC 27001 (ISO 27001:2013) is the international standard that describes best practice for an information security management system. The certification demonstrates that Zaizi is following internationally recognised information security best practices.
During a programme of coordinated activities lasting six months, Zaizi successfully designed and implemented its ISMS - establishing a comprehensive security baseline for its enterprise. This, together with the changes to its organisation to direct and control the on-going programme, training of all staff and the introduction of additional security technologies, Zaizi has now established a firm basis for the on-going preservation of confidentiality (privacy), integrity and availability of its and its customers business critical information assets.
The scope of the certification covers Zaizi’s global operations based from its offices in London (UK), Seville (Spain) and Colombo (Sri Lanka). Certification encompasses all of Zaizi’s main business activities, specifically: Provision of IT consulting, professional services, project management, software development and business solutions and cloud services.
Zaizi Chief Information Security Officer David Hopkins said, “This accreditation recognises that we take information security seriously and is considered in all of our business activities. It demonstrates to our customers that we value their information and take all the necessary steps to manage and protect it. Knowing that we have engineered a comprehensive ISMS with supported monitoring and control measures, allows us to operate in full confidence.”
Zaizi Asia Director Gane Kumaraswamy commented, “This international standard which is used world-wide as a benchmark for information security really demonstrates the excellence of service we offer to our clients. Zaizi has worked on and delivered highly secure projects where we have ensured that we have the personnel that can be trusted to work in a position that may involve access to highly sensitive information. This is especially important given that the vast majority of our customers are from highly regulated industries such as government and financial services. Given that the Devops function which comprises of application support and cloud infrastructure support, predominantly runs from our Colombo office, this information security accreditation is testament of the high standards that we maintain.”