We ensure that our entire team is aware of our security standards and knows how to apply them throughout all the activities they perform. In addition we have in place a dedicated team of professionals with a sole responsibility of ensuring our Security & Compliance framework is applied across all areas of the organisation. This includes all products brought to market, the operational management of the service and the day-to-day management of the company.
Our security framework is implemented, audited and controlled by our dedicated Security & Compliance group. Leading this group is our Chief Security Officer, who is a member of the executive management team, ensuring that security is positioned at the highest level of management, leads this group.
This group is resourced with dedicated professionally trained and certified experts who ensure our operation is compliant at all times, and that we are always up to date with the latest techniques and countermeasures available.
We are ISO certified, with all process and procedures controlled within our Quality Management System, which is formally certified to ISO9001:2008 and ensures that we constantly integrate best practice and operational improvements across our platform. As part of the ISO certification process all of our processes and procedures have being independently reviewed, measured and audited to ensure our processes and procedures are of the highest standard, and that we are applying them correctly across all areas of the organization.
Calligo is the first cloud services company in Jersey to be ISO 27001:2013 certified with its scope applying to all areas of our business. We constantly ensure our compliance by measuring and reporting against our framework – this in turn provides the executive team real time information allowing informed decision making from the top table. In addition, the policies and procedures that we have deployed are aligned to CSA Star. A number of the 114 controls within ISO 27001:2013 focus on CSA Star, which ensures our platform and our clients are aligned to the latest thinking about cloud security and the potential areas for enhancement.