ZayZoon is ISO27001:2013 Certified

ZayZoon has been audited and is certified for the management of Information Security in line with ISO27001:2013 protocols.

ZayZoon ISO27001:2013 Certification

ISO/IEC 27001 is an international standard on how to manage information security. ZayZoon considers information security paramount in the application of financial services technology.

  • Systematically examine the organization's information security risks, taking account of the threats, vulnerabilities, and impacts;
  • Design and implement a coherent and comprehensive suite of information security controls and/or other forms of risk treatment (such as risk avoidance or risk transfer) to address those risks that are deemed unacceptable; and
  • Adopt an overarching management process to ensure that the information security controls continue to meet the organization's information security needs on an ongoing basis.

Stage 1 - Review Information Security

Check the existence and completeness of key documentation such as the organization's information security policy, Statement of Applicability (SoA) and Risk Treatment Plan (RTP).

Stage 2 - Formal Compliance Audit

Formal compliance audit, independently tested against ISMS requirements specified in ISO/IEC 27001. Auditors seek evidence that the management system is properly designed, implemented, and in operation.

Stage 3 - Ongoing Compliance

Follow-up reviews or audits confirm that the organization remains compliant with the standard. Certification maintenance requires periodic re-assessment audits to confirm that the ISMS operates as specified and intended.

We are ISO27001:2013 Certified

Based on the information and IT security needs and expectations of our stakeholders and interested parties we address and support the information security processes for management, administration; and the design, development, integration and servicing of ZayZoon's Wage Advances and LMS platforms according to ZayZoon's Statement of Applicability v0.0 and ISO27001:2013 security controls for management of information security and data.