ISO 27001 Certified

As part of our continued commitment to meeting and exceeding data security standard practices, Time Doctor is ISO 27001:2013 certified. We have taken this step to certify our product and services with an ISO 27001:2013 certification as a solid foundation for our Information Security Management System.

Paramount to ISO 27001:2013 is that we adhere to international best practices in every action and process as it relates to data privacy and the security of our information systems, chiefly customer data protection. With ISO 27001:2013 certification, we ensure that our information security systems adhere to international data privacy standards.

What is ISO 27001:2013 Certification?

ISO (International Organization for Standardization) 27001:2013 is a set of information security and privacy best practices regarding the management of customer data that adheres to the highest international data security standards. Importantly, ISO standards are the result of a consensus-driven process by experts from all over the world, pooling vast international experience and knowledge from all business sectors.

Data that falls under the risk management controls set in place by ISO 27001:2013 include financial information, intellectual property, a customer’s or employee’s details, or any personal information entrusted to us.

Our Information Security Management System

In accordance with ISO 27001:2013 standards, we actively:

  • Identify assets at potential risk and require data encryption

  • Ensure ongoing confidentiality, integrity, and availability of information through internal policies and controls

  • Address the importance of business continuity management using a set of controls to protect the availability of information and critical business processes from the effects of major disasters or incidents, ensuring timely resumption

  • Facilitate ongoing independent assessments and audits by accredited certification third parties and our appointed Data Protection Officer (DPO) to ensure that our ISMS is meeting ISO 27001:2013 requirements

  • Maintain a stringent and coherent access control framework, comprising of supporting policies, processes, and advanced technologies

Read more about how we manage data and keep information secure in our Privacy Policy and on our Security and Compliance page.

Our ISO 27001:2013 Certification

View our ISO 27001:2013 Certification here. You can go to www.rigcert.org/certification_check