ZayZoon is ISO27001:2013 Certified
ZayZoon has been audited and is certified for the management of Information Security in line with ISO27001:2013 protocols.
ZayZoon ISO27001:2013 Certification
ISO/IEC 27001 is an international standard on how to manage information security. ZayZoon considers information security paramount in the application of financial services technology.
- Systematically examine the organization's information security risks, taking account of the threats, vulnerabilities, and impacts;
- Design and implement a coherent and comprehensive suite of information security controls and/or other forms of risk treatment (such as risk avoidance or risk transfer) to address those risks that are deemed unacceptable; and
- Adopt an overarching management process to ensure that the information security controls continue to meet the organization's information security needs on an ongoing basis.
Stage 1 - Review Information Security
Check the existence and completeness of key documentation such as the organization's information security policy, Statement of Applicability (SoA) and Risk Treatment Plan (RTP).
Stage 2 - Formal Compliance Audit
Formal compliance audit, independently tested against ISMS requirements specified in ISO/IEC 27001. Auditors seek evidence that the management system is properly designed, implemented, and in operation.
Stage 3 - Ongoing Compliance
Follow-up reviews or audits confirm that the organization remains compliant with the standard. Certification maintenance requires periodic re-assessment audits to confirm that the ISMS operates as specified and intended.
We are ISO27001:2013 Certified
Based on the information and IT security needs and expectations of our stakeholders and interested parties we address and support the information security processes for management, administration; and the design, development, integration and servicing of ZayZoon's Wage Advances and LMS platforms according to ZayZoon's Statement of Applicability v0.0 and ISO27001:2013 security controls for management of information security and data.