Merkle Science is proud to announce that we are now ISO/IEC 27001:2013 certified! As of 9 August 2021, Merkle Science received a certificate of registration stating its compliance with the ISO standards for IT security. The scope of the registration includes design, development, and release of ‘Blockchain Monitor’ and ‘Blockchain Investigator’ products, as well as support functions such as HR, IT, and information security.
Nirmal Aryath Koroth, Co-founder & Chief Technology Officer at Merkle Science, says: “Undertaking the extensive ISO certification process showcases our commitment to implementing robust IT security policies and procedures for our users. It reassures our customers and partners that their data assets are protected from loss and unauthorised access.”
What is ISO/IEC 27001:2013 Certification?
ISO/IEC 27001:2013 is the leading international standard for information security and specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organization.
ISO/IEC 27001:2013 lays down requirements for the assessment and treatment of information security risks tailored to the needs of each organization. It specifies how businesses should mitigate risks associated with information security threats by setting out comprehensive policies, procedures, and training processes that need to be implemented at every level of the organization.
The certification is globally recognized, placing Merkle Science in line with information security’s best practices. Further, it confirms that Merkle Science has met the three key objectives of information security — confidentiality, integrity and availability of information — by implementing a robust risk management process.
With its ISO/IEC 27001:2013 certification, Merkle Science aims to continuously improve its risk management and information security process to retain this certification. We intend to conduct annual audits to ensure compliance with policies outlined by ISO and apply for recertification annually. Additionally, we will continue to maintain and upgrade our internal information security policy in accordance with ISO guidelines to ensure that our client’s data is not compromised and protected against data breaches.