Now live on iOS - Download

Aqua Voice is ISO 27001 certified

Pablo Peniche

This is a big step for security, procurement and teams. Our third-party auditors have certified Aqua Voice against ISO/IEC 27001:2022, the leading international standard for information security, making it easier to get onboarded to Aqua Voice across your company, wherever in the world you operate.

ISO 27001 is the international standard for information security management

ISO/IEC 27001 is a globally recognized framework published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). It defines the requirements for an Information Security Management System (ISMS): the policies, processes, and controls an organization uses to manage risk and protect data. To become certified, an independent, accredited auditor examines an organization's ISMS to confirm that its controls are designed and operating effectively. An ISO 27001 certificate communicates a company's commitment to data security and the protection of customer information, and is often the standard requested by security teams outside the United States.

Security has always been one of our core values

Earlier this year we announced our SOC 2 Type II compliance. By adding ISO 27001 certification, we reaffirm this commitment to our customers' trust on a global scale. This is another major milestone in showcasing our overall security posture. With increasing cybersecurity threats and data breaches, it is paramount that organizations prioritize information security and the protection of their systems and data. By undergoing an ISO 27001 audit, our ISMS and processes were validated by a third party that attests to the functioning of the controls relevant to our application.

Compliance Partners

Vanta

We partnered with Vanta, the leader in the Trust Management space, to help us automate the collection of our audit evidence. Because we built on Vanta for SOC 2, much of the groundwork for ISO 27001 was already in place, letting us extend our compliance program without starting from scratch.

Advantage Partners

Our audit firm, Advantage Partners, was extremely helpful in creating a seamless audit experience. With their guidance and support, we achieved ISO 27001 certification in a swift, efficient manner.

Lessons we learned

Compliance frameworks compound. The policies, procedures, and controls we put in place for SOC 2 became the foundation for ISO 27001, and pursuing both showed us how much overlap there is when security is built into how an organization operates rather than bolted on for an audit.

ISO 27001 also pushed us further on risk management. The standard requires a formal, ongoing risk assessment process, which gave us a clearer, more structured picture of where to focus our security investment.

Finding the right partners to guide us through this process has been key, which is why we worked with the firm Workstreet.

Trust Center

See our policies and controls, read about our subprocessors, and download our ISO 27001 certificate here.

We're hiring!

We're continuing to invest in security, and we're hiring a Security Engineer to help us. If you want to build safe, secure tools that help humans work better, apply here.