Milan, July 23rd, 2020
In July 2020, SupplHi SaaS – the Vendor Management platform for industrial equipment and services – has doubled down its ISO certifications by obtaining ISO/IEC 27017:2015 certification, a widely recognized international standard covering information security controls for cloud services.
The new certification for SupplHi comes along with the renewal of its ISO/IEC 27001:2013, initially obtained in July 2019, for Information Security Management Systems for the “Design, development and management of a SaaS platform for the collection and management of Vendor Management information”.
SupplHi is a SaaS (“Software as a service”), 100% cloud platform, meaning that many aspects of the Information Security Management System are incorporated by design. Furthermore, the cloud-based nature enables access anytime, from anywhere, by eliminating the need to download or install any software or waiting for new features to be released. This is why the ISO/IEC 27017:2015 has a strong relevance for SupplHi and its Clients.
Achievement of ISO/IEC 27017:2015 is a clear demonstration of SupplHi’s continuous commitment to its clients’ information security while aligning with the highest global standards on Information Security Management Systems. The certification provides additional implementation guidance for ISO 27001 -that establishes requirements for the effective management of information security via an Information Security Management System (ISMS)- controls and recommends additional controls with implementation guidance related to cloud services.
To attain ISO 27017 certification, SupplHi was assessed by an independent Auditor – Bureau Veritas – against the framework and guidelines set forth by the International Organization and International Electrotechnical Commission (IEC). The ISO 27000 family of standards is a widely recognized international set of standards detailing best practices for the management of information security and privacy.
During the Audit there were no non-conformities encountered and the Auditors mentioned in the Audit Report some of the good practices encountered in SupplHi:
- “Highly updated technological platform with the use of the latest Container and Automated Scalability technologies;
- “Vertical SaaS platform with strong orientation towards application safety;
- “Excellent technical and management competences of the organization’s resources.”