Mint Management Technologies (Mint) is proud to announce that it is the first, and currently the only, South African-owned information technology company to be ISO 27001:2005 certified by ISOQAR India, the main ISO certification body in conjunction with ISOQAR South Africa.
"The achievement of obtaining this prestigious certification means that not only are we compliant with the stringent and global information security standards laid out in the certification, but we have also raised our internal and external information security management system to the highest level. The certificate is just a by-product of the process of becoming ISO 27001:2005 certified; the real benefits lie in the policies and procedures we implement and record on a day-to-day basis to ensure that we identify and respond to all levels of security risks in the shortest time possible. By having a tight information security management system, we can provide excellent levels of services to our clients and always ensure both their data and ours is always safe," said Carel du Toit, managing director of Mint.
"The certification also has an annual surveillance audit to ensure that we continue to maintain our ISO 27001 requirements, and address any non-compliances that are identified. This process provides a dual level of risk management, over and above our internal risk audits, so that the information security management system continues to be a robust and dynamic system, always meeting and exceeding both internal and external security requirements," added Lauren Clark, human resources manager at Mint, who managed the certification process together with Mint's IT infrastructure manager, Riaan van der Merwe.
Mint is now ISO 27001:2005 certified after undergoing the Stage 2 audit by ISOQAR India and ISOQAR South Africa. The process of preparing for the ISO 27001 certification started in March 2013 when one of Mint's key clients required confirmation of its data protection and information security levels. This led to Mint investigating the possibility of becoming ISO 27001 certified. "We ran into our first major obstacle when trying to find other IT companies that had undergone the certification in South Africa. Our findings concluded that very few South African-owned IT companies have embarked on the ISO 27001:2005 certification journey and none, to our knowledge, have received this certification so far, so our only comparative examples were international IT conglomerates such as Microsoft. This meant that Mint were required to undergo the certification process and prepare to meet the certification requirements without any local point of reference or guidance, and without having a local benchmark to measure against," said an ecstatic Du Toit.
What makes this achievement even more of an accolade for Mint is the close tie-in of this certification with the Protection of Personal Information Bill, which was signed into law on 19 November 2013 and published in Government Gazette number GG 37067 on 26 November 2013. The Protection of Personal Information Act will come into effect on a date to be determined by the President through a proclamation to be published at a later date. The significance of this is that, soon, businesses will be required to comply with the Protection of Personal Information Act, and companies such as Mint, which are ISO 27001:2005 certified, will certainly have a competitive advantage. "Our customers can rest assured that their data, and that of their clients, will be handled with the strictest security compliance protocols already in place. We are exceptionally proud of our team of dedicated governance, process and compliance officers who made this accreditation aspiration a reality," said Du Toit in closing.
Share