(UPDATED) Emapta, a leading talent solutions provider, passed the ISO certification audit for its information security (ISO 27001) and data privacy (ISO 27701) management systems this September 2023.
Justin Arrojado, Emapta’s Head of Internal Audit, referred to the ISO 27001 and 27701 certificates as “two of the most important certifications to maintain.”
The journey towards the certification, Arrojado shared, was rigorous as external auditors had to conduct deep, independent audits into the company’s information management security system.
“The auditors had to make sure that Emapta has been following ISO’s mandatory clauses on people awareness, communications, and proper controls against cyber security threats,” he added.
While the ISO 27001 certification proves Emapta’s commitment in maintaining a robust information security management system, the ISO 27701 certification demonstrates that the company has “the necessary technical, administrative, and physical safeguards to ensure that personal data are properly handled in accordance with applicable privacy laws,” Arrojado explained.
Robust, well-rounded protection
Apart from ISO certifications, the company also passed the SOC 2 attestation for Security & Privacy Trust Service Criteria, another independent audit that follows a standard developed by the American Institute of Certified Public Accountants.
The SOC 2 audit shows that Emapta’s data management practices meet the strict standards of security in the United States’ heavily regulated industries.
“Our customers can have peace of mind knowing that our processes, systems, and measures align with the golden standards of the industry,” Arrojado said.
“We even have our internal, independent audit department to ensure that these controls are operating effectively and continue to be compliant to our certifications,” he added.
The road ahead
For Emapta, all certifications and attestations are part of its long-term plan to help client businesses grow in the safest and most secure global environment.
“We are now on our way to getting an attestation from the Payment Card Industry Data Security Standard (PCI DSS),” said Arrojado.