ISO 27001 compliant cloud hosting

ISO 27001, also known as IEC 27001, is a compliance standard that specifies the requirements for establishing, implementing, maintaining and continually improving an Information Security Management System (ISMS) within the organization. It also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organization. Otava is 100% compliant without exception with each specification for Information Security Management Systems.

There are 14 specific controls to meet the standard, outlined below:

  • ISMS scope
  • Information security policy
  • Information risk assessment process
  • Information risk treatment process
  • Information security objectives
  • Evidence of the competence of the people working in information security
  • Other ISMS-related documents deemed necessary by the organization
  • Operational planning and control documents
  • Results of information risk assessments
  • Decisions regarding information risk treatment
  • Evidence of monitoring and measurement of information security
  • ISMS internal audit program and its results
  • Evidence of top management reviews of ISMS
  • Evidence of nonconformities identified and corrective actions arising

If you or your clients need to meet ISO 27001 standards, we can provide the secure and compliant environment you require. Our locations hosting our high-availability cloud, colocation and disaster recovery environments each have gone through a rigorous audit and passed without exceptions. We also exceed the required standard by investing in and successfully auditing against other compliance regulations such as SOC 2, SSAE16, PCI and HIPAA so that your data is always secure and always available.

  • This field is for validation purposes and should be left unchanged.