News

TLScontact Successfully Achieves ISO 27001:2022 Certification 

10/11/2023

2 min to read

TLScontact Successfully Achieves ISO 27001:2022 Certification 

TLScontact is delighted to announce that it has renewed its certification ISO/IEC 27001:2022 – Information Security Management Systems. This significant accomplishment is a testament to our unwavering commitment to the security of the data we handle internally, for our government clients, visa applicants, employees, and all our other stakeholders. 

ISO/IEC 27001, the highest standard of information security

ISO/IEC 27001 is the world’s best-known standard for information security management systems. TLScontact’s conformity with ISO/IEC 27001:2022 means that we have put in place a system to manage risks related to the security of data owned or processed by us, according to the new requirements revised by the International Organization for Standardization (ISO) in 2022. 

The ISO/IEC 27001:2022 certificate is issued by BSI (an international certifying body) and valid until 18 October 2026, demonstrating our commitment to the security and compliance of information for all our stakeholders. The current certification is a global one, covering 84 TLScontact sites, while even uncertified centres are in conformity with the standards set by ISO.  

Greg Lane, Director of Compliance & Continuous Improvement, says, “We managed to obtain the certificate against the newly updated standard by ISO in less than one year. This is a testament to the information security system we have in place, which was already compliant with the most up-to-date controls. It’s also the result of a successful collaboration between our Security & Compliance, Cyber Security, Operations teams, and many other departments.” 

A cycle of audits to achieve certification

TLScontact embarked on a rigorous journey towards ISO 27001:2022, the revised and most up-to-date standard in information security. This process was marked by numerous external and internal audits with thorough follow-up actions.  

External audits were conducted by the certifying body, BSI, which reviewed our information security management system to ensure compliance with the ISO 27001 standard. Internal audits were also an integral part of this process but are a routine procedure at TLScontact. The audit areas vary, covering aspects like physical security, business continuity, operations security and third-party management. 

Abby Wu, Senior Compliance Analyst, says, “In an era where data breaches and cyber threats are prevalent, we at TLScontact have consistently focused on safeguarding sensitive information and ensuring the confidentiality and integrity of the data we handle.” 

As we move forward, we pledge to remain vigilant in upholding the highest standards of information security, ensuring the trust and confidence of our clients, applicants, employees, and partners. TLScontact is not only dedicated to providing top-tier services but commits to safeguarding the availability, integrity, and confidentiality of the data that we handle. 

These articles might interest you