CompliancePoint, Inc., a leading provider of risk management services focused on privacy, data security, and compliance, has partnered with Mastermind, a certification body accredited by the International Accreditation Service that specializes in the auditing of ISO standards. The companies will work together to guide organizations through the entire ISO certification process, from initial readiness assessments and policy development to the resulting certification audit.
CompliancePoint is an advisory partner that works closely with customers to help them prepare for their external ISO audit and maintain the underlying management system after initial certification issuance. Engagements typically begin with an upfront gap assessment to identify where an organization’s existing security program falls short of ISO requirements. CompliancePoint’s ISO experts work with customers to design and implement the security controls, policies, and procedures that bring the organization into conformity with these nuanced ISO standards.
When an organization is ready to test its ISO compliance, Mastermind can conduct the third-party assessment and determine if certification can be issued under accreditation. Following a successful audit, Mastermind can perform the surveillance and recertification audits needed to keep the certification in good standing.
Organizations can utilize the CompliancePoint and Mastermind partnership to achieve certification with the following ISO standards and related extensions:
ISO 27001: This highly recognizable standard is designed to help organizations protect their data through an Information Security Management System (ISMS). CompliancePoint and Mastermind can also help with popular extensions, such as ISO 27017 and ISO 27018 that comprise relevant security and privacy controls for environments leveraging public cloud environments.
ISO 27701: This privacy-focus standard protects personally identifiable information (PII) through a Privacy Information Management System (PIMS) while providing a snapshot to an organization’s alignment with laws, such as the European Union General Data Protection Regulation (GDPR).
ISO 42001: This new artificial intelligence (AI) standard is designed to mitigate risks associated with the development, implementation, and management of AI systems via an AI management system (AIMS). In July, Mastermind announced its award as the first certification body globally to offer these certification services under accreditation.
CompliancePoint and Mastermind can also help businesses obtain registration onto the Cloud Security Alliance Security, Trust, Assurance, and Risk (CSA STAR) registry. Similar to ISO 27017, CSA STAR assesses additional security controls expected of cloud service providers as an extension to an underlying ISMS. Mastermind is part of a small group of approved Certified STAR Auditors.
“We’re excited to join forces with a company that has the proven level of ISO expertise of Mastermind,” said CompliancePoint President Greg Sparrow. “Our combined service offerings provide greater clarity and consistency throughout the process, saving our customers time and money, and ultimately leading to more successful outcomes with less headaches.”
“This alliance goes beyond a simple referral network, as both of our organizations share a strong foundation, a broad community, and a shared vision for the future of trust among service providers through verifiable, continuous assurance programs. We are intrigued by the opportunity to exchange insights on our overlapping areas of expertise and to further strengthen our combined specialization across these frameworks,” said David Forman, Chief Executive Officer at Mastermind.
Explore AITechPark for the latest advancements in AI, IOT, Cybersecurity, AITech News, and insightful updates from industry experts!
