Mersive Technologies has successfully obtained ISO/IEC 27001:2022 accreditation, ensuring compliance with international cybersecurity standards.
Mersive Technologies, a leading provider of collaborative display and wireless presentation solutions, has recently achieved the ISO/IEC 27001:2022 certification, a globally recognized standard for an Information Security Management System (ISMS). This certification underscores Mersive's ongoing commitment to building trust and safeguarding sensitive data.
The ISO/IEC 27001:2022 certification is considered a gold standard in cybersecurity compliance. It was awarded to Mersive by BARR Certifications, an ANAB-accredited auditing firm that serves cloud-based and hybrid organizations globally.
To obtain this certification, a company must demonstrate a clear, ongoing approach to data management. Mersive Technologies has shown this commitment by implementing specific controls and methodologies across organizational, people, physical, and technological domains, along with documented processes and continual management oversight.
The certification process involves two stages. The first stage, the Stage 1 Audit, reviews the documented processes and identifies gaps against the ISO 27001:2022 requirements. The second stage, the Stage 2 Audit, evaluates how effectively the ISMS has been implemented and confirms that it conforms to the standard.
The ISO/IEC 27001:2022 certification includes an established framework to help identify, manage, and reduce risks surrounding information security. Key elements required include defining the scope of the ISMS, establishing an information security policy, conducting a comprehensive risk assessment, producing a Statement of Applicability, developing a risk treatment plan, clearly defining security roles and responsibilities, maintaining an inventory of assets, implementing an access control policy, formulating procedures for incident management and business continuity, keeping records of security training and awareness activities, conducting an internal audit program, and holding regular management reviews for continual improvement.
In the 2022 revision, Annex A controls have been restructured into four categories: Organisational, People, Physical, and Technological. This update also introduces an attribute taxonomy to better align controls with current cybersecurity concepts and operational capabilities, facilitating easier integration with standards such as NIST and CIS controls.
The ISO/IEC 27001:2022 certification adds another layer of assurance for Mersive's customers and partners, reinforcing their commitment to data security. Cameron Kline, director of BARR's attest services practice, stated that achieving ISO 27001 certification demonstrates Mersive's commitment to upholding the highest standards of information security.
Alan Young, chief product officer and chief information security officer for Mersive, expressed pride in working with an organization like Mersive that cares about building trust and making safeguarding sensitive data a top priority. He stated that the certification is a major milestone for the company.
The ISO/IEC 27001:2022 certification is not limited to specific industries or regions, making it globally recognized and applicable. It is intended to inspire confidence and assure customers and partners that data security is a top priority for Mersive Technologies. The certification cements Mersive Technologies' commitment to securing and protecting the data of their valued customers.