Cronofy is committed to maintaining a robust and up to date information security program. A pillar of our information security offering is our ISO27001 certification.
ISO27001:2013 is an information security standard set out by the International Organisation for Standardisation (ISO) and the International Electrotechnical Commission (IEC), which specifies the requirements for establishing, implementing, maintaining and continually improving platforms and processes (otherwise known as the ISMS). The standard also sets out requirements for the assessment and treatment of information security risks.
The ISO27001 standard, as well as the other standards achieved by Cronofy, serves to demonstrate the fact that we have a world-class Information Security management system in place and ensure confidence in the way we handle all your data.
Achieving certifications is important - however we don't stop there. Cronofy is constantly evaluating developments and updates to standards, and continually updating policies and processes, to ensure we are as secure, and compliant as possible.
When you use Cronofy, you’re sharing potentially sensitive information with us. It’s our responsibility to make sure that we protect that data, and we take that responsibility very seriously. That’s why information security will always be a first-class concern for us.
Whenever we’re building or developing any aspect of our service, Security is a key consideration. We understand that our customers care deeply about the security of data, and it’s something we feel equally strongly about.
We want our customers to know that they can trust us to process and handle their calendar and event data – always securely and to the highest standards.
Some companies are able to use the ISO name for marketing purposes even though they don’t meet the standard. This is because their services are hosted with an ISO27001 compliant service provider.
At Cronofy, we believe in transparency and honesty, which is why we wanted to achieve our ISO27001 compliance before we began advertising ourselves as ISO compliant, despite also hosting our services within an ISO27001 compliant service provider.
In order to attain this certification, Cronofy’s compliance was audited and validated by an independent audit company, A-LIGN. Throughout the audit, Cronofy demonstrated a comprehensive and thorough approach to mitigating information security risks and the secure management of data.
As part of running an effective information security program, Cronofy is committed to continual improvement in line with ISO27001. Cronofy will be assessed every three years, with audits in between those. This certification helps Cronofy ensure that we are operating, and maintaining our ISMS and are protecting our customers’ data, in line with the standard.