July 29, 2021

ISO27701 and Cronofy’s continuing commitment to security

We're constantly looking for ways to protect our customers’ data and their users’ data. The next step in our compliance program is ISO27701.

Cronofy is constantly looking for ways to protect our customers’ data and the data of our customers’ users. As part of this, we go to great lengths to research and evaluate new and appropriate accreditations, certifications and technologies.


We’re incredibly proud of our SOC2, ISO27001 and ISO27018 accreditations, along with our GDPR and CCPA compliance. However, we understand that there is always room for improvement, as we continue to maintain our position as the market leader when it comes to secure, Enterprise Scheduling.

Continuous improvement

Security and compliance are constantly evolving. There are many variables that must be taken into account when running a comprehensive compliance program. Threats and risks to your business change continually, and so do customer requirements, your software and your infrastructure.


These variables and the landscape of ever-changing threats are why Cronofy operates a continuously improving approach to our compliance program, constantly evaluating the best ways to protect and secure our customers’ data.


The next step in our compliance program is completion of the ISO27701 certification.

ISO27701

The ISO and IEC created ISO27701 to provide specific guidance on implementing controls and policies to meet the requirements of the Data Protection Act 201 and the General Data Protection Regulation (GDPR).


The ISO27701 standard provides an overarching framework, which specifies how to successfully protect and store PII (Personally Identifiable Information) by establishing a Privacy Information Management System (PIMS).


ISO27701 ensures that companies have appropriate policies and controls in place to keep PII secure, despite the ever-changing privacy and threat landscape.

What’s next?

Implementing a PIMS under ISO27701 is no small feat and requires careful execution to ensure complete compliance. Cronofy’s ISO27701 audit is scheduled for March 2022 and we are fully committed to meeting all of the outlined requirements.


Until then, Cronofy customers can be confident in our existing ISO27001, ISO27018, SOC2 Type 1, SOC 2 Type 2, CCPA and GDPR compliance. When you partner with Cronofy, you are working with the most secure, reliable and compliant scheduling platform on the market.


Please reach out to our dedicated compliance team with any questions at privacy@cronofy.com.

I’m Karl. My background is working within Engineering teams, responsible for helping small teams scale with the business they support. I’m an experienced leader with expertise in IT, Service Management, Engineering, DevOps, Compliance and Cyber Security.
