SAN DIEGO--(BUSINESS WIRE/AETOSWire)-- Kyriba (“the Company”), a global leader of cloud finance and IT solutions, today announced that the Company recently completed its ISO 27001 surveillance review audit with no nonconformities noted. The surveillance review displays Kyriba’s commitment to maintaining the ISO/IEC 27001:2013 (ISO 27001) certification and ISMS for its global customers.
The ISO 27001 standard includes the requirements of an Information Security Management System (ISMS) and a control framework of 14 control domains covering 114 specific information security controls that should be considered to reduce the information security risk relevant to the scope of the ISMS. An ISO 27001 certification requires that Kyriba has demonstrated it has a working Information Security Management System (ISMS) in conformance with the requirements of ISO 27001, it is mitigating risk through the implementation of controls by processes, policies or systems across departments and staff relevant to the scope of its ISMS. The ISMS covers the availability and secure delivery of the Kyriba Software as a Service (SaaS) applications and protection of the confidentiality and integrity of financial data imported into the application by clients.
The ISO 27001 provides the information security governance framework on top of which other standards and security controls are built.
“These audits represent Kyriba’s commitment to corporate security and our priority of maintaining the latest regulatory and compliance requirements,” said Eric Adams, Chief Information Security Officer for Kyriba. “At a time when companies are relying on their information systems more than ever, we recognize the need to perform ISO required surveillance audits to provide premier level of security, which is in line with our customers’ expectations.”
ISO 27001 is a globally recognized framework designed for any system to address information security risks. Kyriba selected this framework to manage security using the ISMS in order to keep customers’ data safe and protect their essential and sensitive financial information.