Contact us NOW
12th of June 2020

Raisoft received an international security certificate

On 18 May 2020, Oy Raisoft Ltd was granted an international information security certification based on the ISO / IEC 27001: 2013 standard (Information Security Management System). The certification was audited by DNV GL, and covers the entire operation.
Less than a hundred certificates have been issued to Finnish companies to date.

- We have been working closely on this for almost a year and a half, Raisoft's Information Security Officer Peter Jansson says with satisfaction.

A five-member team has been the driving force behind this project, but in the final phase, the effort grew as the team leaders improved their responsibilities. The implementation of new security practices for all staff has been an essential part of the certification process.

DNV GL's lead auditor Olli-Pekka Pahnila says that the requirements for this standard are more strenuous than in other management system standards, as many of them are mandatory. (mandatory requirements and controls)

Value is weighed in competitive tendering

Raisoft's management team decided to launch the certification process more than two years ago, but at the time, the GDPR Data Protection Regulation, which came into force in May 2018, delayed getting the project up and running.

- This has been a busy project that has required perseverance and commitment. As a company, it was clear to us that we were going to work to achieve certification, as achieving internationally accepted certification is a significant advantage for us, especially in foreign competitions, CEO Robert Åström explains.

In large competitive tendering, software vendors usually receive a long list of requirements, many of which deal specifically with security issues.

- When we can say that we have ISO / IEC 27001 certification, we can acknowledge the long list of requirements in one document, Peter Jansson describes. He also explains that in addition to international competitions, certification is also becoming interesting in Finland.

DNV GL's Olli-Pekka Pahnila confirms Raisoft's view:

- Experience has shown that an internationally recognized certificate issued by an accredited certification body has a positive effect on trade and the demonstration of the level of information security.

The person is the most important link

Security Officer Jansson states that although he is now in a good mood and has a new certificate on the wall of the office, his hard work won't stop in improving our security.

- This audit is now valid for three years. There will always be a more limited interim audit each year and the next full-scale audit in the spring of 2023.

Jansson is proud of his team and all Raisoft employees who were closely involved in the effort.

- Technology, firewalls, and other simple solutions are important for information security, however, remember that people are the most important link in the chain.