Specialist in high-quality software components for deeply embedded systems, HCC Embedded (HCC), has announced it has been awarded ISO/IEC 27001:2013 certification, one of the most widely recognised and internationally accepted information security standards. This certification reflects both HCC’s long-term commitment to quality management principles and its expertise in managing risk and protecting data on behalf of the company and its customers.
With the rising frequency of data breaches, security lapses, and cyber attacks, the ISO family of standards for managing information security has become increasingly important. HCC is building up its safety processes to serve the growing demands of industries such as automotive that require ISO 26262 compliance and demand proper processes for software development. All these standards require that companies developing to them are built on sound and auditable processes that manage all aspects of risk within a system of continuous improvement.
ISO 27001 uses a risk-based approach that identifies requirements and specifications for a comprehensive Information Security Management System (ISMS). The standard defines how organisations should manage information securely, including applicable security controls. To achieve this certification, an independent audit firm validated HCC’s security compliance and completed a rigorous process, in which HCC demonstrated an ongoing systematic approach to managing and protecting company and customer data. The audit process covered areas such as risk management procedures, threat mitigation, loss prevention, access control, physical security, and security practises.
“We continue to take HCC products to ever higher levels of quality and as part of this we have formalised our safety and security processes,” said HCC CEO Dave Hughes. “By pursuing and achieving the stringent ISO 27001 certification, we have gone above and beyond the required controls to mitigate risk and keep sensitive data secure and protected. We are uniquely building our company on auditable processes associated with risk management and data security, reflecting our quality commitment to customers.”
HCC attained ISO 9001:2015 quality management system certification in 2017. Achieving ISO 27001 certification further strengthens HCC’s commitment to quality, reassures customers that their data and products will be secure, and brings HCC into line with the new European General Data Protection Regulation for protecting data privacy.