ISO 27001 Certification

Information Security & ISO 27001

Our Commitment to Information Security

Our Commitment to Information Security

Independent Information Security Rating Institute (IISRI®) takes information security seriously. Protecting the confidentiality, integrity, and availability of information is fundamental to our mission and to the trust placed in us by clients, partners, and stakeholders worldwide.

We operate an Information Security Management System (ISMS) that governs how we manage people, processes, technology, and data across our organisation.

ISO/IEC 27001 Certificate

IISRI® was certified to ISO/IEC 27001 for its Information Security Management System, covering:

  • Internal and external rating services
  • Assessment management systems
  • Supporting people, processes, infrastructure, hardware, and software

This certificate demonstrates our longstanding commitment to information security.

Download Certificate (2017-2020)

Current Certification Status

As our certificate is expired, we are currently undergoing a new ISO/IEC 27001:2022 certification, with formal certification planned for February 2026.

Current Certification Status

As our certificate is expired, we are currently undergoing a new ISO/IEC 27001:2022 certification, with formal certification planned for February 2026.

The transition to ISO/IEC 27001:2022 reflects:

  • Changes in the threat landscape
  • Updated Annex A controls
  • Stronger focus on governance, risk, and operational resilience

Our ISMS continues to operate and evolve in line with ISO 27001 principles during this certification process.

What This Means for Our Clients

Even while new certification is in progress, IISRI®:

Structured Policies

Maintains structured information security policies and procedures

Risk-Based Controls

Applies risk-based controls aligned with ISO 27001 requirements

Continuous Improvement

Conducts internal reviews and continuous improvement activities

Security-by-Design

Embeds security-by-design across services and platforms

Our approach ensures that information security is not a checkbox exercise, but an integral part of how we operate and deliver value.

Transparency & Trust

We believe transparency builds trust. That is why we clearly communicate our certification status and do not make claims beyond what is accurate and verifiable.

Upon completion of ISO/IEC 27001:2022 certification, this page will be updated accordingly.

Scope of Our Information Security Management System

Our ISMS covers IISRI®'s core activities, including but not limited to:

Rating Services

Security rating and assessment services, including CyberRank.ai platform for vendor risk management

Platform Management

Platform and data management systems

Corporate Functions

Supporting operational and corporate functions

This ensures a consistent, organisation-wide approach to managing information security risks.

Continuous Improvement

Information security is a journey, not a one-time milestone.

Our ISO 27001:2022 certification initiative is part of our broader commitment to:

Continuous Improvement
Regulatory Alignment
Stakeholder Confidence

Questions About Our Information Security?

Contact us to learn more about our ISO 27001:2022 certification journey and ISMS.

Contact Us