In the interconnected business world, a lot of information is created and consumed: customer records, employee data, partner details, our own corporate information. At NICE, we consider information one of our most precious assets and take great care to protect it. Thus, we adhere to the International Organization for Standardization's standard for initiating, implementing, maintaining and improving our information security management system.
ISO/IEC 27001 is an auditable international standard that defines the requirements for a company's information security management system (ISMS). The standard is designed to ensure the selection of adequate and proportionate security controls, and is the only such standard currently in existence.
NICE first achieved ISO/IEC 27001 compliance in April 2007, and has continued to receive regular audits since then. The standard requires NICE to ensure a process approach for establishing, implementing, operating, monitoring, reviewing, maintaining and improving our information security management system. We believe our compliance helps us to protect our information assets and gives additional confidence to businesses and individuals we do business with—especially our customers, on whose behalf we often manage information. Accreditation helps to assure them that their information is properly protected.
Of course, ISO/IEC 27001 compliance also holds benefits for NICE, too. It independently demonstrates that: