ISO 27001 certifies that we operate an Information Security Management System (ISMS). This means that we perform many activities to continuously analyze, assess, and improve information security in our organization (similar to ISO 9001). However, the ISMS certification does not include details about the control framework or whether we are compliant with it. During the ISAE-3402 assurance audit, the auditor checks in detail, by conducting interviews and collecting evidence, whether our controls are effective. Based on these observations, the auditor provides a qualified opinion on whether our security posture is effective or not.
The American Institute of Certified Public Accountants (AICPA) Service Organization Controls (SOC) reports give assurance over control environments related to data retrieval, storage, processing, and transfer. The reports cover IT General controls and controls around customer data availability, confidentiality, and security. The SOC 1 reports primarily examine controls relevant to customers’ financial reporting. Additional information can be found here.
The American Institute of Certified Public Accountants (AICPA) Service Organization Controls (SOC) reports give assurance over control environments related to data retrieval, storage, processing, and transfer. The reports cover IT General controls and controls around customer data availability, confidentiality, and security. The SOC 2 reports cover controls around customer data security, availability, and privacy. Additional information can be found here.
The General Data Protection Regulation (GDPR) is a comprehensive data protection law that regulates the use of personal data of EU residents and provides individuals the right to exercise control over their data. We are committed to our customers' success, including supporting them on their GDPR compliance journeys. Additional information can be found here.
Navis Germany GmbH – Carrier and Vessel Solutions
ISO certification is a seal of approval from a third-party body that a company operates in accordance with one of the international standards developed and published by the International Organization for Standardization (ISO).
The ISO is an independent, non-governmental international organization that brings together experts to share knowledge and develop international standards that support innovation and provide solutions to global challenges.