ISO 27001 Standard Underscores Information Security Commitment
In 2020, SS&C Eze again achieved ISO 27001 certification, including the controls for ISO 27017 and ISO 27018 (Cloud Security and Cloud Privacy), for its information security systems’ infrastructure and operations supporting Eze Investment Suite and Eze Eclipse.
ISO certification validates SS&C Eze’s rigorous security controls and exemplifies its commitment to keeping clients’ data safe and confidential. It also demonstrates that SS&C Eze’s policies and procedures promote regular monitoring and continuous improvement of processes to keep up with the latest cyber security challenges.
To achieve ISO certification, SS&C Eze undergoes a formal independent audit of its security policies and procedures, as well as its risk and operational controls across its U.S. and India offices. Schellman & Company, LLC, an ANAB and UKAS-accredited Certification Body based in the U.S., performed the certification.
“Security is a core benefit we deliver to our clients," said Stephen Pyne, Eze Information Security Officer. “The ISO framework and certification help us focus and demonstrate our ability to deliver that benefit to our clients.”
ISO/IEC 27001:2013 is an internationally recognized security standard. Eze initially achieved ISO 27001 certification in 2017, and since 2018, Eze has completed annual surveillance reviews that include an expanded scope covering the requirements of ISO 27017:2015, and ISO 27018:27019. In 2020, Eze successfully completed its first full recertification, in which all controls were again fully evaluated by third-party auditors.