ISO/IEC 27001:2013

On 14 February 2013, ICC received ISO/IEC 27001:2005 certification (certificate number IND13.0031U). In February 2015 ICC passed its re-assessment and transition audit to the new version of the standard, ISO/IEC 27001:2013. This standard is widely recognised as the international benchmark for information security management and provides a holistic, risk-based approach to identify and manage risks related to information assets and ICT systems.

ISO/IEC 27001:2013 is designed to ensure the selection of adequate and proportionate security controls that protect information assets and give confidence to interested parties.

​ISO/IEC 27001:2013 certification demonstrates ICC’s continuous commitment to information security and governance aligned with international best practice. Certification also provides independent assurance to ICC Partners that ICC has implemented a comprehensive set of security controls to manage and protect the information and systems entrusted to it.​​

ICC was audited by Bureau Veritas for all operational, administrative and management activities for the delivery of shared ICT services from ICC offices in Geneva, Switzerland; New York, USA; Brindisi and Rome, Italy; and Valencia, Spain, as well as ICC data centres in Geneva, Switzerland; New Jersey, USA; and Valencia, Spain.