External auditor describes CyberTech systems as “Exceeding expectations.”

 

CyberTech, a division of Altron, is pleased to announce that they have passed all the necessary requirements to be reissued with the certificate for their ISO 27001 audit. 

This systematic and independent audit is performed to help companies identify areas for improvement, adhere to best practices and to ensure that corporate information and data is safeguarded. 

As explained by Mira Andric, Operations and Delivery Manager for CyberTech, the key objectives of an ISO 27001 audit are:

  • To ensure that your Information Security Management System (ISMS) is compliant with the ISO 27001 standard
  • To address any issues with the ISMS
  • To identify any potential improvements to the ISMS.

The certification audit is applicable to four of CyberTech’s cybersecurity solutions, namely: Security Operations Centre (SOC) as a service; Network Operations Centre (NOC) as a service; Vulnerability Management as a Service (VMaaS) and Secure Gateway Management.

CyberTech’s re-certification process began in March with Stage 1 of the audit, which involves the verification of the necessary documentation. The organisation has just completed Stage 2 of the audit, during which employees were interviewed to ensure that their testaments matched the supporting compliance documentation.

“A significant advantage of the ISO 27001 certification process is the valuable insights that it provides us with; it ensures that we know exactly where we need to be in terms of compliance,” says Tanya Waites, MPKI for CyberTech.

Setting the standard

Waites continues: “Maintaining certification is an ongoing process as we continue to review our internal systems in-line with the highest of standards”.

The results of the rigorous ISO 27001 audit indicate that the high standards are being upheld by CyberTech. Comments from the external auditor included: “A well-managed system; processes that tie into the business objectives and information security objectives; and finally, that CyberTech’s management of this audit and commitment exceeded expectations and set the bar high for other organisations undergoing auditing”.

This certification process is repeated every three years from scratch and is supplemented by an additional annual surveillance audit. 

“ISO 27001 certification is not compulsory for organisations in South Africa – only 80 companies are certified in-line with this particular ISO standard – but the certification is objective proof that every aspect of our organisation, from our staff to our systems, are in-line with industry requirements,” explains Andric.

“As a business built on upholding the highest levels of cybersecurity, this certification is a validation of our efforts. Most importantly, it gives our customers confidence and peace-of-mind knowing that the way we approach their data and systems is in a secure and well-managed manner,” she concludes.

CyberTech’s management would like to express their appreciation to the team for their hard work, long hours, and perseverance, without which this wouldn’t have been possible.