Certifications

QBurst has received ISO certifications ISO/IEC 27001:2013 and ISO/IEC 27701:2019 in January, 2023. These certificates testify to our commitment to information security and the implementation of an Information Security Management System (ISMS) based on international standards and best practices.

For our clients, this means that their data and information are protected by a company that has taken steps to secure it in a systematic and organized manner. We have implemented processes and controls to ensure the confidentiality, integrity, and availability of our client's information.

ISO/IEC 27001:2013

ISO/IEC 27001:2013 is an international standard for information security management. It provides a framework for managing and protecting sensitive information and is designed to help organizations establish and maintain a systematic approach to information security.

The standard outlines the requirements for an information security management system (ISMS) and provides a set of best practices for managing information security risks.

ISO 27001 covers best practices on security policy, risk assessment and management, asset management, and measures to control access to information. It provides guidelines on cryptography, physical and environmental security, operations security, and communications security. Additionally, this standard also provides a framework for system acquisition, development, maintenance, and supplier relationships.

By implementing the controls outlined in ISO/IEC 27001:2013, organizations can demonstrate to clients, partners, and shareholders that the organization is following the best practices for not only technology that handles information but also how people and business processes handle customer data. Organizations can assure their clients that they are following international best practices for establishing, implementing, maintaining, and continually improving their ISMS.

ISO/IEC 27701:2019

ISO/IEC 27701:2019 is an extension to the ISO/IEC 27001:2013 standard for information security management and is specifically designed for privacy information management. It provides a set of privacy-specific controls and procedures that can be integrated into an organization's existing ISMS.

The standard focuses on protecting personal data and covers key areas such as privacy risk management, privacy impact assessments, data protection by design and default, and privacy-enhancing technologies. It also covers the management of privacy breaches, data subject rights, and the appointment of a privacy officer.

ISO/IEC 27701:2019 provides organizations with a structured approach to privacy management that helps ensure that personal data is collected, processed, and stored in a way that complies with privacy regulations such as the General Data Protection Regulation (GDPR).

By implementing the controls and procedures outlined in ISO/IEC 27701:2019, organizations can demonstrate their commitment to privacy and build trust with their customers, employees, and other stakeholders. It helps organizations manage privacy risks and minimize the impact of privacy breaches, which can have serious consequences for an organization's reputation and financial stability.