With ransomware attacks rising more than 50 percent in 2021 and signs of even greater cyber risk on the horizon, effective, enterprise-wide cybersecurity must be a top priority for every organization worldwide. Demonstrating its strong commitment to information security management and cyber risk prevention, the American National Standards Institute (ANSI) is pleased to announce that it has achieved ISO/IEC 27001 certification, verifying compliance with the International Standard ISO/IEC 27001: 2013, Information technology — Security techniques — Information security management systems — Requirements.
The rigorous process, which began nearly three years ago, demonstrates the Institute’s commitment to safeguarding its business and keeping its data—and that of its members, partners, and customers—protected.
“ANSI’s certification to ISO/IEC 27001 is the latest milestone in our robust digital transformation strategy to further enhance information security, resiliency, and business continuity,” said ANSI president and CEO S. Joe Bhatia. “It’s an intensive process for a reason—because it’s the gold standard in information security protection. ANSI’s members, partners, and customers can be assured our commitment to information security is true and tested.”
ISO/IEC 27001: 2013 specifies the requirements for establishing, implementing, maintaining, and continually improving an information security management system. It also includes requirements for the assessment and treatment of information security risks.
“With ISO/IEC 27001 certification in place, ANSI is working to future-proof our business against ever-increasing security threats while increasing our ability to grow and prosper in the rapidly changing business environment,” said Bhatia.