End of Year 2020: Compliance Certification Roundup

Each month, ZenGRC highlights companies that have earned compliance certifications for information security frameworks.

Here’s our January 2020 roundup of recent compliance certification news from around the United States and the world.

PCI Certification 

PCI certification and compliance are two different, but related, designations.

PCI certification is a more rigorous process. It involves an intensive audit performed by a Qualified Security Assessor (QSA).

PCI compliance means a company follows best practices to help protect Cardholder Data (CHD) following the guidelines set by the PCI Council.

• In December, The Kiosk Manufacturer Association, Westminster, Colorado, earned its PCI DSS certification for its self-service kiosks. The Kiosk Manufacturer Association is a kiosks and information technology nonprofit. Read more about The Kiosk Manufacturer Association’s certification.

ISO Certification 

ISO standards concern many industries. The three primary ISO standards that help organize compliance for companies looking to create IT programs: IT, ISO 27001, ISO 31000, and ISO 9001.

• In December, Jamaica’s Auditor General’s Department, Kingston, Jamaica, earned its ISO 9001:2015 certification for its business processes. The Auditor General’s Department produces audit reports for sectors of the Jamaican government. Read more about the Auditor General’s Department’s certification.
• In December, Eightfold AI, Mountain View, California, earned its ISO 27001:2013 certification for its Talent Intelligence Platform™. Eightfold AI is a provider of talent management software. Read more about Eightfold AI’s certification.
• In December, Clarion Safety Systems, Milford, Pennsylvania, was recertified for its ISO 9001:2015 certification for its products. Clarion Safety Systems is a manufacturer of safety labels, signs, and tags. Read more about Clarion Safety Systems’ certification.
• In December, Suprema, Seongnam, Gyeonggi, South Korea, earned its ISO 27001 and ISO 27701 certifications for its BioStar 2 platform. Suprema is a provider of access control, biometrics, time, and attendance solutions. Read more about Suprema’s certifications.
• In December, BeVeg, Palm Gardens Beach, Florida, earned its ISO 17065 and ISO 17067 certifications for its global vegan standards. BeVeg is a certification body for vegan products. Read more about BeVeg’s certifications.
• In December, Cisco, San Francisco, California, earned its ISO 5230 certification for its internet technology. Cisco is a developer and manufacturer of networking hardware, software, and telecommunications equipment. Read more about Cisco’s certification.
• In December, Davao Light, Davao City, Mindanao, Philippines, re-certified its ISO 9001:2015 certification and earned its ISO 45001:2018 certification for its light and power services. Davao Light is an electricity company. Read more about Davo Light’s certifications.
• In December, J S Wright, Birmingham, UK, earned its ISO 45001 certification for its health and safety practices. J S Wright is a mechanical and electrical building service company. Read more about J S Wright’s certification.
• In December, NCSOFT, San Francisco, California, earned its ISO 5230 certification for its online games. NCSOFT is a digital entertainment company and publisher. Read more about NCSOFT’s certification.
• In December, Toyota, Nagoya, Japan, earned its ISO 5230 certification for its automotive supply chain. Toyota is an automotive manufacturer. Read more about Toyota’s certification.
• In December, Alchemer, Louisville, Colorado, earned its ISO 27001 certification for its customer platforms. Alchemer is a provider of customer experience and voice-of-the-customer platforms. 
• In December, Ma’aden, Riyadh, Saudi Arabia, earned its ISO 37001 certification for its business activities. Ma’aden is a mining company. Read more about Ma’aden’s certification. 
• In December, Argos Multilingual, Krakow, Poland, earned its ISO 18587:2017 certification for its translation and editing services. Argos Multilingual is a language service provider. Read more about Argos Multilingual’s certification.
• In December, Chinsay, Singapore, earned its ISO 27001 certification for its information security management practices. Chinsay is an end-to-end trade data capture and digitalisation company. Read more about Chinsay’s certification.
• In December, Assa Abloy, Stockholm, Sweden, recertified its ISO 27001 certification for its Medeco Security locks. Assa Abloy is an access solutions provider. Read more about Assa Abloy’s certification.
• In December, Nippon Express Korea, Seoul, South Korea, earned its ISO 13485 certification for its medical devices. Nippon Express Korea is a logistics company. Read more about Nippon Express Korea’s certification.
• In December, Attopsemi, Hsinchu, Taiwan, earned its ISO 9001 certification for its IPs. Attopsemi is a tech company specializing in OTP technology. Read more about Attopsemi’s certification.
• In December, Glantus, Dublin, Ireland, earned its ISO 27701 certification for its Privacy Information Management System. Glantus is a Data privacy financial technology company. Read more about Glantus’s certification.
• In December, The Beauru of Customs Sub-port of Dumaguete, Dumaguete, Negros, Philippines, earned its ISO 9001:2015 certification for its 10-point priority program. The Bureau of Customs Sub-port of Dumaguente is a sub-port. Read more about the Bureau of Customs Sub-port of Dumaguente’s certification.
• In December, eShopWorld, Swords, Ireland, earned its ISO 27001 and ISO 27701 certifications for its security and privacy practices. eShopWorld is an e-commerce company. Read more about eShopWorld’s certifications.
• In December, Bahrain Airport Company, Muharraq, Kingdom of Bahrain, re-certified its ISO 9001:2015, ISO 14001:2015, and ISO 45001:2018 certifications for its services. Bahrain Airport Company is the operator of the Bahrain International Airport. Read more about Bahrain Airport Company’s certifications.
• In December, the Bureau of Internal Revenue, Olongapo, Philippines, earned its ISO 9001:2015 certification for its business registration services. The Bureau of Internal Revenue is a government agency. Read more about the Bureau of Internal Revenue’s certification.
• In December, Hyderabad Nehru Zoological Park, Bahadurpura, Hyderabad, earned its ISO 9001:2015 certification for its standard working procedures. Hyderabad Nehru Zoological Park is a zoo. Read more about Hyderabad Nehru Zoological Park’s certification.
• In December, Stax, Boston, Massachusetts, earned its ISO 9001:2015 certification for its business processes. Stax is a hardware and gardening supplier. Read more about Stax’s certification.
• In December, Muharraq Municipality, Muharraq, Bahrain, earned its ISO 9001:2015 certification for its business practices. Muharraq Municipality is a component of the Ministry of Works. Read more about Muharraq Municipality’s certification. 
• In December, ANCILE Solutions, Elkridge, Maryland, earned its ISO 27001:2013 certification for its security management practices. ANCILE Solutions is a creator of digital learning platforms. Read more about ANCILE Solution’s certification. 
• In December, the Food Industry Development Supporting Laboratory, Myanmar, earned its ISO 12025 certification for its laboratory services. The Food Industry Development Supporting Laboratory is a private laboratory. Read more about the Food Industry Development Supporting Laboratory’s certification.
• In December, Projetech, Cincinnati, Ohio, earned its ISO 27001 and ISO 27017 certifications for its information security controls. Projetech is an enterprise asset management software developer. Read more about Projetech’s certifications.
• In December, Red Snapper Group, London, England, earned its ISO 27001 certification for its services. Red Snapper Group is a staffing services provider. Read more about Red Snapper Group’s certification.
• In December, Claro Enterprise Solutions, Miramar, Florida, earned its ISO 27001:2013 certification for its security and governance standards. Claro Enterprise Solutions is a technology services company. Read more about Claro Enterprise Solutions’ certification.
• In December, The Office of the Vice President, Quezon City, Philippines, re-certified its ISO 9001:2015 certification for its practices. The Office of the Vice President is a government agency. Read more about The Office of the Vice President’s certification.
• In December, Tenable, Columbia, Maryland, earned its ISO 27001 certification for its information security management practices. Tenable is a cybersecurity company. Read more about Tenable’s certification.
• In December, Vonco, Trevor, Wisconsin, earned its ISO 13485:2016 certification for its quality management system. Vonco is a manufacturer of medical supplies. Read more about Vonco’s certification.
• In December, iTrinegy, London, England, earned its ISO 9001:2015 certification for its quality management system. iTrinegy is a software-defined test networks solutions provider. Read more about iTrinegy’s certification.
• In December, Hunter Strategy, Washington, D.C., earned its ISO 27001 certification for its information security practices. Hunter Strategy is an IT consulting services firm. Read more about Hunter Strategy’s ISO 27001 certification. 
• In December, ZTE, Shenzhen, China, earned its ISO 37001 certification for its anti-bribery management system. ZTE is a technology company. Read more about ZTE’s certification.
• In December, Piraeus Port Authority, Piraeus, Greece, earned its ISO 9001, ISO 14001, and ISO 50001 certifications for its business practices. Piraeus Port Authority is a port operator and manager. Read more about Piraeus Port Authority’s certifications.
• In December, 3D Glass Solutions, Albuquerque, New Mexico, earned its ISO 9001 certification for its design and manufacturing processes. 3D Glass Solutions is an RF device developer. Read more about 3D Glass Solutions’ certification.
• In December, Tollring, Middlesex, England, earned its ISO 9001 and ISO 27001 certifications for its technical processes. Tollring is call analytics and call recording solutions provider. Read more about Tollring’s certifications.
• In December, The Wasdell Group, Wiltshire, Ireland, earned its ISO 13485 certification for its manufacturing standards. The Wasdell Group is a contract packaging supplier. Read more about The Wasdell Group’s certification.
• In December, Equflow, Oss, Netherlands, earned its ISO 9001:2015 certification for its quality management processes. Equflow is a flow measurement solutions provider. Read more about Equflow’s certification.
• In December, Africa Prudential, Lagos, Nigeria, earned its ISO 27001 certification for its information security management system. Africa Prudential is a business and investment solutions provider. Read more about Africa Prudential’s certification. 
• In December, Lithium Werks, Overijssel, Netherlands, renewed its ISO 9001 certification for its quality management system. Lithium Werks is a battery manufacturer. Read more about Lithium Werks’ certification.
• In December, Vault Micro, Seoul, South Korea, earned its ISO 26262 certification for its safety processes. Vault Micro is a software company. Read more about Vault Micro’s certification.
• In December, Saint Lucia Bureau of Standards, Bisbee, St. Lucia, earned its ISO 17025 certification for its testing and calibration processes. Saint Lucia Bureau of Standards is a statutory body. Read more about Saint Lucia Bureau of Standards’ certification.
• In December, Generali, Trieste, Italy, earned its ISO 9001:2015 certification for its quality management processes. Generali is an insurance company. Read more about Generali’s certification.
• In December, Kollam MEMU Shed, Kerala, India, earned its ISO 9001, ISO 45001, and ISO 14001 certifications for its business practices. Kollam MEMU Shed is a motive power depot facility. Read more about Kollam MEMU Shed’s certifications. 
• In December, the Immigration and Citizenship Agency, Kingston, Jamaica, earned its ISO 9001:2015 certification for its quality management processes. The Immigration and Citizenship Agency is a government agency.
• In December, Holzworth, Parsippany, New Jersey, earned its ISO 17025:2017 certification for its calibration and testing practices. Holzworth is a high-performance signal sources and phase noise analyzer provider. Read more about Holzworth’s certification.
• In December, Ventec, Bothell, Washington, earned its ISO 9001:2015 certification for its quality management processes. Ventec is a medical device manufacturer. Read more about Ventec’s certification.
• In December, Superior Drilling Products, Vernal, Utah, earned its ISO 9001:2015 certification for its quality management processes. Vernal is a drilling tool manufacturer. Read more about Vernal’s certification.
• In December, the Commissionerate of Industries and Commerce, Assam, India, earned its ISO 9001:2015 certification for its quality management processes. The Commissionerate of Industries and Commerce is a government body. Read more about the Commissionerate of Industries and Commerce’s certification.
• In December, Globys, Seattle, Washington, earned its ISO 27001 certification for its information security management system. Globys is a business portal solutions provider. Read more about Globys’ certification.
• In December, the State Asset Management Agency of Uzbekistan, Tashkent, Uzbekistan, earned its ISO ISO 37001:2016 certification for its anti-bribery management system. The State Asset Management Agency of Uzbekistan is a government agency. Read more about the State Asset Management Agency of Uzbekistan’s certification.
• In December, STS Government, Falls Church, Virginia, earned its ISO 9001:2015 certification for its quality management systems. STS Government is a security solutions provider. Read more about STS Government’s certification.
• In December, Layer3, Norcross, Georgia, earned its ISO 27001:2013 and ISO 27017:2015 certifications for its business practices. Layer3 is a cloud communications operator. Read more about Layer3’s certifications.
• In December, Cemex, San Pedro Garza García, Mexico, earned its ISO 50001:2018 for its energy management system. Cemex is a building materials manufacturer. Read more about Cemex’s certification. 

SOC 2 Certification

SOC 2 concerns all organizations and enterprises providing services that process and store customer data. SOC 2 reports are based on five Trust Services Criteria: security, availability, confidentiality, processing integrity, and privacy.

• In December, GlobalSCAPE, Minneapolis, Minnesota, earned its SOC 2 certification for its cloud-managed file transfer solution, EFT Arcus. GlobalSCAPE is a data exchange software company. Read more about GlobalSCAPE’s certification.
• In December, Gravyty, Boston, Massachusetts, earned its SOC 2 certification for its artificial intelligence technology. Gravyty is a technology company specializing in artificial intelligence for nonprofit organizations. Read more about Gravyty’s certification.
• In December, E-Complish, New York City, a custom payment processing solutions provider, earned its SOC 2 certification for its custom payment processing solutions. Read more about E-Complish’s certification. 
• In December, Knox Custody, Montreal, Quebec, earned its SOC 2 certification for its bitcoin exchange. Knox Custody is a Bitcoin custody provider. Read more about Knox Custody’s certification.
• In December, InRule, Chicago, Illinois, earned its SOC 2 certification for its decision platform. InRule is a software company specializing in decision automation. Read more about InRule’s certification.
• In December, Contract Logix, Lowell, Massachusetts, earned its SOC 2 certification for its contract management software. Contract Logix is a contract management solutions provider. Read more about Contract Logix’s certification.
• In December, Ubiquity Retirement + Savings, San Francisco, California, earned its SOC 2 certification for its record-keeping system, Paradigm. Ubiquity Retirement + Savings is a flat-fee small business retirement plans provider. Read more about Ubiquity Retirement + Savings’ certification.
• In December, Kovrr, Tel Aviv, Israel, earned its SOC 2 certification for its cyber risk modeling platform. Kovrr is a cyber risk modeling company. Read more about Kovrr’s certification.
• In December, BMI Imaging Systems, Sunnyvale, California, earned its SOC 2 certification for its microfilm conversion services. BMI Imaging Systems is a provider of digital conversion services. Read more about BMI Imaging Systems’ certification.
• In December, ALTR, Austin, Texas, earned its SOC 2 certification for its data consumption governance and protection technology. ALTR is data security as a service provider. Read more about ALTR’s certification.
• In December, MZ Development, North Liberty, Iowa, earned its SOC 2 certification for its performance assessment platform. MZ Development is an educational assessment software provider. Read more about MZ Development’s certification.
• In December, GuideWell Connect, Brentwood, Tennessee, earned its SOC 2 certification for its health insurance business sales system. GuideWell Connect is a consumer engagement solutions provider. Read more about GuideWell Connect’s certification. 

FedRAMP Certification

The Federal Risk and Authorization Management Program (FedRAMP), is a government program that determines if the cloud products and services offered by cloud service providers are secure enough to be used by federal agencies. 

• In December, Rave Mobile Safety, Framingham, Massachusetts, earned its FedRAMP certification for its Rave platform. Rave Mobile Safety is a provider of critical communication and collaboration services. Read more about Rave Mobile Safety’s certification.
• In December, Appian, Mclean, Virginia, earned its FedRAMP certification for its cloud-based robotic process automation technology. Appian is a provider of low-code automation services. Read more about Appian’s certification. 

HIPAA Compliance

Compliance with the Federal Health Insurance Portability and Accountability Act (HIPAA) ensures that health care organizations protect the privacy, security, and integrity of protected health information.

• In December, Quatrro, Atlanta, Georgia, achieved HIPAA compliance for its finance, accounting, and technical support services. Quatrro is a Business Process Outsourcing (BPO) provider. Read more about Quatrro’s compliance achievement. 

In December, E-Complish, New York City, a custom payment processing solutions provider, became re-certified in HIPAA compliance for its custom payment processing solutions. Read more about E-Complish’s certification.