We ensure that our entire team is aware of our security and quality standards and know how to apply them throughout all the activities they perform. In addition we have in place a dedicated team of professionals with a sole responsibility of ensuring our quality management (ISO 9001) and Security & Compliance framework (ISO 27001) is applied across all areas of the organisation.
ISO 27001:2013 - Information Security Management Systems (ISMS)
We use our ISO 27001:2013 ISMS to protect the confidentiality, integrity and availability of the information assets that are stored within our platform. This is done by finding out what potential problems could arise with the information (i.e. risk assessment) and then defining what needs to be done to prevent these issues from occurring (i.e. risk treatment).
ISO 9001:2015 - Quality Management System (QMS)
Using ISO 9001:2015 helps ensure that customers get consistent, good quality products and services, which in turn bring many business benefits. At Calligo we have built out our ISO 9001 QMS to provide a solid scalable framework for managing our business.
Calligo is currently aligned to ISO 27018 which is the first International code of practice that focuses on protection of personal data in the cloud. It is based on ISO information security standard 27002 and provides a set of additional controls and associated guidance intended to address public cloud Personally Identifiable Information (PII) protection requirements not addressed by the existing ISO 27002 control set.
Change Management and Access Monitoring
Any changes to data, systems or infrastructure must be requested through Calligo’s formal change management process, with approval required by its change board, which includes a member of our executive management team prior to any changes occurring.
Governance and Information Security
We ensure that our entire team is aware of our security standards and knows how to apply them throughout all the activities they perform. In addition we have in place a dedicated team of professionals with a sole responsibility of ensuring our Security & Compliance framework is applied across all areas of the organisation.