Just before the Norwegian winter holiday Chief Quality Officer Gro Nyhus of Visma IT & Communications proudly announced that the company had been awarded with the ISO/IEC 27018:2014 certificate. She had then received the physical evidence of compliance with ISO’s privacy framework for cloud services providers. The certificate marks the culmination of a nine month dedicated effort by the quality team.
ISO 27018 is the leading privacy-specific international standard for the cloud. It seeks to address issues such as keeping customer information confidential and secure, and preventing personal information from being unwillingly processed for secondary purposes. It is a code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors.
EY CertifyPoint (EYCP), the audit firm performing the quality audit confirms that Visma is the first company that has been provided with an ISO 27018 certificate by EYCP in both Norway and Europe. Being in the forefront on these burning topics, brought to public attention particularly by last year’s implementation of the General Data Protection Regulation (GDPR) is vital to maintain trust in Visma as a cloud-based service provider in the years to come.
Visma IT & Communications sees this and similar certifications as a significant competitive advantage, increasing its relevance as a supplier and service provider. Sales forces throughout the Visma Group should experience the ready third-party certificates (available through sister company Admincontrol’s elegant solution) as a sales enabler, as privacy awareness make prospects and customers increasingly ask how Visma complies with the complex regulatory landscape.
Want to know more about the upside of quality? Feel free to contact the expertise:
- Ana-Maria Antonescu, Quality Coordinator (firstname.lastname@example.org)
- Dan Candea, Visma CSIRT/CC Manager (email@example.com)
- Alexandru Cinezan, Information Security Analyst (firstname.lastname@example.org)
- Lars Martin Ottersen, Group Data Protection Officer (email@example.com)
- Hans Petter Holen, Chief Information Security Officer (firstname.lastname@example.org)
- Gro Nyhus, Chief Quality Officer (email@example.com)