Virtual Pay, a payment solutions provider has been awarded ISO 27001:2013 certification for its Information Security Management System (ISMS).
The payment solutions provider was awarded the certification after an extensive audit of the company’s internal operations looking closely into confidentiality, integrity and availability of corporate and personal data security systems in its operations.
“Achieving the coveted ISO/IEC 27001 certification is a huge accomplishment. We are extremely delighted to be awarded this certification following a rigorous audit undertaken by the assessment body. This certification affirms our commitment to the highest level of data security and marks one more step in our efforts to demonstrate the company’s transparency,” said David Morema, Virtual Pay Chief Executive Officer.
He further noted that information security is key in the payments sector as this ensures confidentiality and protection of personal information thus protecting customers (both corporate and individuals) from cyber attacks and fraud.
“Our priority is protecting the assets and data of our customers, partners and employees,” he added.
Mr Morema is optimistic that the accreditation will help the company deliver systematic and continuous management of information security risks, as it proves the completeness and rigor of security controls while providing clients with an additional level of assurance.
“With the newly acquired status, we shall continue offering excellent services to our customers and aim to always exceed industry standards to safeguard customers,” he said.
ISO 27001 is a global standard for information security, published by the International Organization for Standardization (ISO) and the International Electro-technical Commission (IEC). Implemented and accepted worldwide, ISO 27001 is the gold standard certificate in IT security. This standard sets over 100 requirements that outline how to implement, monitor, maintain and continually improve an ISMS within the context of the organization and its business needs. These requirements are related to physical security, product security, financial information, intellectual property, HR processes and management’s commitment to security.
The company says it will continue to ensure its products and processes meet or exceed the security standards and expectations of its customers, partners and employees and the broader industry. The scope of the ISO/IEC 27001:2013 certification covers the ISMS supporting Virtual Pay’s human resources, information technology, software development, leadership and customer support functions. The company says it will also enhance the implementation and maintenance of controls including data encryption, vulnerability management, business continuity, and disaster recovery plans.
In addition to this certification, Virtual Pay is also fully PCI DSS compliant.