Proctorio achieves ISO 27001:2013 Information Security Certification
Proctorio is excited to announce that we have successfully achieved the ISO 27001:2013 Information Security Certification!
To demonstrate our dedication to information security, Proctorio has become the first learning integrity platform to receive ISO/IEC 27001:2013 certification. Proctorio has received third-party accreditation in accordance with the published International Standards Organization criteria. A-LIGN, the third-party auditor that completed our independent SOC 2 Type 1 security audit in February 2021, also performed Proctorio’s initial certification audit to certify Proctorio’s ISMS against the ISO 27001 standard.
The initial certification audit was conducted in two stages: stage 1 and stage 2. On March 8, 2021, A-LIGN completed stage 1, which included reviewing the documented ISMS information, obtaining the necessary information regarding the scope of the ISMS, and determining the preparedness for stage 2. Between April 19, 2021 and April 30, 2021, A-LIGN proceeded to evaluate the implementation, including effectiveness, of our ISMS. After these two stages, A-LIGN found zero major nonconformities, signaling that Proctorio’s ISMS was effectively implemented and managed.
In order to achieve this milestone, Proctorio has developed a thorough internal control policy and system that addresses over 350 standards for an effective ISMS. One by one, we explained how we implement each standard within our organization, measured the implementation internally, and then invited a third party to verify our work. Working with A-LIGN to audit our information security processes has been an extremely validating and gratifying experience for the Proctorio team.
ISO 27001 was developed by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) to standardize the process for establishing, implementing, operating, monitoring, reviewing, and maintaining an ISMS. By the end of August, Proctorio looks forward to adding yet another security milestone to its collection by completing the SOC 2 Type 2 security audit, an internal controls report that verifies how a company safeguards customer data.