Automated Information Security Management Process earns international certification
Kyoto, Japan, Questetra, Inc., the global SaaS provider of Business Process Management (BPM), announced that on September 3rd, they have obtained the certification of, an international standard, Information Security Management System (ISMS), ISO / IEC 27001: 2013 / JIS Q 27001: 2014.
In order for a third party to certify that the information security management system conforms to ISO standards, its operational records must be appropriate. Questetra, Inc. has built a management system using its own cloud-based workflow system “Questetra BPM Suite”, and it has been accessed that various records are properly stored.
For example, in a Business Process of managing “information on the outsourcee”, a series of the following procedures are automatically recorded which is, 1) The Operator inputs the contents of outsourcing and basic information on the outsourcee, 2) The outsourcee answers the questionnaire about the information management, 3) The Operator takes necessary measures based on the answers of the questionnaire, 4) The ISMS administration office confirms whether the measures were appropriate.
For another example, in a Business Process that manages “ISMS audit”, a series of the following procedures including some automated processing are automatically recorded which is, 1) An external auditor registers an audit report on the public Webform, 2) Registration completion email is sent automatically, 3) The ISMS administration office make suggestions as necessary, 4) All the persons in charge who received the suggestion report back the result of what has done complying with the suggestions.
Questertra will continue to work on continuous improvement of the information security management system and strive to further improve its reliability.
About ISO/IEC 27001
Internationally recognized ISO/IEC 27001 is an excellent framework which helps organizations manage and protect their information assets so that they remain safe and secure. It helps you to continually review and refine the way you do this, not only for today, but also for the future. That’s how ISO/IEC 27001 protects your business, your reputation and adds value.(cited from British Standards Institution website)
Certification summary
- Organization: Questetra, Inc. Oike Bldg., 206 Takamiyacho, Nakagyo-ku, Kyoto-shi, Kyoto 604-0835 Japan
- Certified standard: ISO/IEC 27001:2013 / JIS Q 27001:2014
- Certificate Number: IS 728211
- Certified scope: The development, service provision and introduction support consulting of cloud-based business process management system.
- Registered date: September 3rd, 2020
- Certification Body: BSI Group Japan K.K.
