On 14 February 2013, ICC received ISO/IEC 27001:2005 certification (certificate number IND13.0031U). In February 2015 ICC passed its re-assessment and transition audit to the new version of the standard, ISO/IEC 27001:2013. This standard is widely recognised as the international benchmark for information security management and provides a holistic, risk-based approach to identify and manage risks related to information assets and ICT systems.
ISO/IEC 27001:2013 is designed to ensure the selection of adequate and proportionate security controls that protect information assets and give confidence to interested parties.
ISO/IEC 27001:2013 certification demonstrates ICC’s continuous commitment to information security and governance aligned with international best practice. Certification also provides independent assurance to ICC Partners that ICC has implemented a comprehensive set of security controls to manage and protect the information and systems entrusted to it.
ICC was audited by Bureau Veritas for all operational, administrative and management activities for the delivery of shared ICT services from ICC offices in Geneva, Switzerland; New York, USA; Brindisi and Rome, Italy; and Valencia, Spain, as well as ICC data centres in Geneva, Switzerland; New Jersey, USA; and Valencia, Spain.