Cosmo Tech, in compliance with iso 27001, is committed to build and maintain an effective and auditable ISMS (Information Security Management System).
We are committed to maintain the highest standards of information security for our Digital Twin solutions that rely on the power of complex system modeling and simulation expertise.
This ISMS contribute to:
- Clearly communicate our information security policies, objectives, and processes to employees, clients, and stakeholders.
- Define the roles and responsibilities of individuals within the organization regarding information security.
- Provide a framework for identifying, assessing, and managing information security risks.
- Establish procedures for responding to and recovering from information security incidents.
- Ensure compliance with legal and regulatory requirements pertaining to information security.
As a SaaS company, ensuring the security of customer’s data is of paramount importance to us. ISO 27001 aligns perfectly with our commitment to safeguarding the confidentiality, integrity, and availability of information, thereby maintaining the trust of our clients and partners.
Here are the goals of our ISMS:
- Safeguard the confidentiality, integrity, and availability of sensitive information.
- Mitigate information security risks through a systematic risk assessment and treatment approach.
- Comply with relevant legal, regulatory, and contractual requirements related to information security.
- Continuously improve our information security posture through monitoring, measurement, and feedback mechanisms.
- Foster a culture of information security awareness and responsibility among all employees.
More details on our security are given in this document.
Cosmo Tech management shall demonstrate leadership and commitment with respect to the Information Security Management System (ISMS) activities by:
- Ensuring the Global Information Security Policy and the Information Security Objectives are established and compatible with the strategic direction of the company.
- Ensuring ISMS requirements are integrated into our processes.
- Ensuring that the resources required for implementing, managing and maintaining the ISMS activities are available.
- Communicating the importance of information security and of conforming to the ISMS requirements to employees and contractors.
- Ensuring that the ISMS achieves its intended outcomes.
- Directing and supporting personnel to contribute to the effectiveness of the ISMS.
- Promoting continual improvement.
This paragraph on management commitments had been formerly approved by Cosmo Tech management for our first iso 27001 audit to build a foundation of trust to share to external stakeholders.