Why your association tech should be ISO certified
As associations are gathering more detailed data from their individual and organisation members (and their employees), often all centralised in a CRM / CMS, the need for high level information security is clear. Associations are relying more on technology for their operations and servicing members, so avoiding any breach of data or un-authorised access.
Benefits of using an ISO/IEC 27001 certified web-based membership system are: Improved information security, Reduced risk of data breaches, Increased customer confidence, Enhanced brand reputation, Improved compliance with regulations, Reduced costs and Improved efficiency. Without this accreditation for their online systems, any association should be very concerned they are managing their risks sufficiently.
ISO/IEC 27001 is an international standard for information security management systems (ISMS). It provides a framework for organizations to identify, assess, and manage their information security risks. The standard is designed to be flexible and adaptable to the needs of organizations of all sizes and in all industries. ISO/IEC 27001 is based on the following seven principles:
- Confidentiality: Information should be kept confidential to those who are authorized to access it.
- Integrity: Information should be accurate and complete, and should not be modified without authorization.
- Availability: Information should be available to those who are authorized to access it when they need it.
- Authorization: Access to information should be controlled to ensure that only authorized individuals can access it.
- Accountability: Individuals who access or process information should be held accountable for their actions.
- Risk assessment: Organizations should identify, assess, and manage their information security risks.
- Continuous improvement: Organizations should continuously improve their ISMS.
AAE's partner, Pixl8 Group, has just been awarded ISO/IEC 27001:2022 certification for their Software-as-a-Service (SaaS), web application products. In achieving this certification they have demonstrated that they operate a strong information security management system (ISMS) to ensure that the data that they hold and process through their Preside platform and associated software products is secure.
“We’re delighted to be awarded our ISO certificate. The team has worked incredibly hard to evaluate, enhance and document our information security procedures. With ever-changing and growing cybersecurity threats our clients can be assured that we have a strong information security system in place to protect their data and we are committed to maintaining and improving these standards.” Alex Skinner, CEO, Pixl8 Group