Boardpac receives latest ISO 27001 certification for fourth consecutive year
Board PAC, the awardwinning Sri Lanka developed, ipad-enabled paperless board communication and meetings solution has received the 1SO/ IEC 27001:2013 information security certification for the fourth consecutive year.
Notably, Board PAC (Pvt.) Ltd is the first software company in Sri Lanka to obtain the latest version of this certification in respect of the international standard for Information Security Management.
The ISO 27001:2013 certification is the highest international benchmark for Information Security Management, and the world’s highest accreditation for information protection and security.
Boardpac received a UKAS (United Kingdom Accreditation Service) accredited certificate for the Information Security Management System from Bureau Veritas. The certificate covers the organisation’s entire operation.
The renewal of this accreditation can be attributed to Board PAC’S continuous commitment to providing customers stringent security compliance in managing and securing the confidentiality, integrity and availability of their information. Board PAC’S information security management system includes policies around access control, incident management, business continuity, physical security, human resources and technical procedures. Commenting on the renewal of the ISO 27001 Certification, Board PAC Chief Operating Officer Rajitha Kuruppumulle said: “Not only does Board PAC encourage environmentallysustainable business practices; it also provides the highest level of security to clients, in compliance with the latest standards in Information Security Management. Our solution eliminates all concerns about information security while facilitating the digital sharing of information needed by directors and others for board meetings.”
Board PAC ISMS Manager Buddhika Abeygooneratne added: “Meeting the stringent standards stipulated for ISO 27001 certification challenges software developers to keep up with and protect their products and their users against the latest and emerging threats to data security. This requires a high degree of skill that only a few companies have.”
The ISO/IEC 27001:2013 certification enforces the most stringent controls to ensure ample security measures are implemented to protect the Board PAC information assets. The Information Security Management System (ISMS) provides a framework for establishing information security policies, procedures and associated practices, risk assessment and risk treatment, management of information assets, human resources security, operational security, physical and environmental security, communication and operational security, acquisition and maintenance of information systems, information security incident management, vulnerability management, compliance, security in supplier management and business continuity and disaster recovery. All of these features provide a framework and a systematic approach to implement effective controls that help in maintaining the confidentiality, integrity and availability of customer data. Board PAC is an effective and highly secure method for Board Directors and Management Committee members to access board and committee papers and supplementary information directly from their ipads, thereby eliminating the need for printing multiple copies of each document and couriering such documents to the Directors. It also provides an easy way for Directors to view all documents related to a board paper in a clear manner.
Its security highlights include end-to-end information encryption; user level, meeting level and paper level access control; two factor authentication; trusted device concept; fingerprint authentication and on-premise deployment.