Suprema Renews Two International Standard Certifications at Once
Now recertified in compliance with ISO/IEC 27001 and ISO/IEC 27701, ISMS established by ISO and IEC, the most authoritative organizations in the field of data protection.
Suprema announced that they have simultaneously renewed two important international standard certifications regarding information security management (ISO/IEC 27001) and privacy information management (ISO/IEC 27701).
Suprema is now recertified in compliance with ISO/IEC 27001 and ISO/IEC 27701, international standard certifications for information security management systems (ISMS) established by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), the most authoritative organizations in the field of data protection. After first acquiring the certifications in 2019, Suprema was able to re-acquire the certifications again this year according to its renewal cycles. Through a process of annual follow-up evaluations, it has been verified once again that Suprema has continuously maintained data protection capabilities that meet high global standards.
What are the Requirements for ISO/IEC 27001?
ISO/IEC 27001 can be certified only when all requirements are satisfied according to 114 controls in 14 categories including information security policies, supplier relationships, and operations security.
ISO/IEC 27701 specifies requirements and provides guidance for protecting private information, such as conditions for data collection and processing, encryption, and de-identification of personally identifiable information at a level that complies with GDPR (General Data Protection Regulation) of the European Union.
Suprema has enhanced its security policy at an enterprise-wide level, applying GDPR compliance to the company’s BioStar 2 software, access control hardware devices, website, and internal security regulations. Suprema distributes guidelines to customers who have deployed Suprema products, to help them safely manage users' personal information, maintain an 'information security management system' at all times, and strengthen its ‘security incident response plan’ to establish stricter security policies.
“Suprema is making continuous efforts to invest in information security and personal information protection at all stages from product design and development,” said Suprema CEO Hanchul Kim. “We will continue to maintain strong data protection capabilities that meet global standards and provide access control security solutions that customers can trust.”