Security Audit

We are proud to state that since late 2017, Agillic has been compliant with the ISO 27001:2013 standard and that our ISMS was audited by an external auditor in December 2017. The Agillic ISMS ensures that we operate in compliance with relevant legal requirements and agreements.

In preparation for the EU General Data Protection Regulation, we at Agillic have been working on a full overhaul of our Information Security setup. For the past two years we have improved and developed our Information Security Management System (ISMS), and worked on our information security strategy in general. We chose to rebuild our ISMS according to the ISO 27001:2013 standard, a standard widely followed in the IT industry and recommended by legal experts working with the GDPR.

We decided to apply most of the controls from all the areas, as they are very relevant to us. The objective was to emphasize the importance of information security, in line with business requirements and relevant laws and regulations. Information and information systems are essential for Agillic, and information security is of vital importance to us.

We chose to work with a risk-based information security management system, ensuring all notable threats are mitigated in an appropriate manner. This way, foreseeable security problems can be prevented and potential damages limited, by working proactively to keep worst-case scenarios from materialising.

The ISMS was audited by Beierholm in December 2017, marking an essential part of the Information Security project in Agillic. The audit was conducted according to the ISAE 3402 type 1 requirements and reflects how our ISMS relates to the ISO 27001 requirements.

All key control areas from the ISO 27001 standard were audited, including:

  • Risk Management
  • Information Security Policies
  • Organisation of Information Security
  • Human Resource Security
  • Asset Management
  • Access Control
  • Operations Security
  • Communications Security
  • Supplier Relationships
  • Information Security Incident Management
  • Information Security Aspects of Business Continuity Management
  • Compliance

Agillic got positive feedback from the auditor, and some parts of the Agillic ISMS were even said to “set the bar for other companies in the industry”. We strive to raise the bar even higher in future and have embarked on an ambitious Information Security Strategy, in which a dedicated team is working to ensure that both the Agillic organisation and the SaaS product are secure and well prepared in case of challenges.

If you would like to know more about the Agillic ISMS external audit, please contact our Security Board for more information. A full audit report is available for Agillic customers and partners upon request.
