ISO 27001 Certification

ISO27001 – Information Security Management

The ISO27001 certification focuses on core controls around secure data management. This certification is independently certificated by the BSIGroup where they conduct regular audits to verify your business is following the controls, processes and polices implemented.

Does FastTrack share the certificate with customers?

Yes the certificate can be shared with customers. If you require this please talk to your Account Manager.

What controls does FastTrack adhere to?

All of the standard controls, please see Appendix 1 – ISMS controls for the full list.

How often are we audited?

• 6 monthly - Internal Audit that is ran by Acesses Security team to review a selection of controls and FastTrack’s adherence to the standard.

• 12 monthly - External Control Observation Audit with Alcumus ISOQAR. This is where a selection on controls are audited and assessed.

• 36 monthly - independent certification on all controls by Alcumus ISOQAR and recertification.

How are we audited?

All audits are conducted by independent parties:

• Alcumus ISOQAR - Audit specialists that audit ISO practices and implementations. They are also the group who provide the certification to the standard.

Does FastTrack share the audit findings with customers?

No we do not share the detailed findings with customers as these contain confidential and sensitive information about the FastTrack360 platform. If required FastTrack can supply a letter providing evidence that the audit has been completed as well as the fact there is no non-conformance.

Does FastTrack support SOC/SOC2?

No FastTrack does not support the other international standard SOC2. However our implementation of ISO27001 is a stricter implementation of Information Management Security. We can provide a mapping to SOC2 controls that FastTrack have implemented and certified. If you require this, please talk to your Account Manager.