Nordic, an award-winning global health and technology consulting company, today announced that its Information Security Management System (ISMS) has received certification for compliance with ISO/IEC 27001:2013 standards.
ISO/IEC 27001:2013 is an information security standard published by the International Organization for Standardization (ISO), the world’s largest developer of voluntary international standards, and the International Electrotechnical Commission (IEC). Nordic’s certification was issued by A-LIGN, an independent and accredited certification body based in the United States on successful completion of a formal audit process.
This certification stipulates the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of Nordic. It also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organization.
“Nordic takes threats to the confidentiality, integrity, and availability of our data as well as that of our clients’ data very seriously,” said Jeff Buss, Chief Information Officer for Nordic. “This certification demonstrates Nordic’s continued commitment to information security globally and provides an independent third-party validation that our information security management system meets the high standards required for the ISO 27001 certification.”
This certification reflects Nordic’s steadfastness to achieve key security certifications of its products and its facilities. In February 2022, Nordic received certification from HITRUST via the Risk-Based 2-year validation process, which demonstrated that Nordic’s platform hosted in the Microsoft Azure Cloud platform, as well as its headquarters in Madison, Wisconsin, has met key regulations and industry-defined requirements and is appropriately managing risk.