Cyber Security Certification

Businesses today face more risk than ever before. Digitalization of assets, products, and services threatens information security. Governments around the world have introduced tough regulations on issues ranging from data protection to bribery and corruption. And traditional threats to business continuity such as utility interruptions remain – but with a multiplier effect that comes from a growing dependence on digital networks and data.

Bureau Veritas’ Cyber Security suite of services offers a 360° view and a holistic approach to identifying the specific risks and opportunities your business faces, then managing them proactively. ISO standard-based international best practices enable you to integrate your management of various risks under the same umbrella, as well as gain an internationally-recognized certification.

ISO 27001 - Information Security Management System Certification

In an increasingly digitized and connected world, the threat of information security breaches is growing. By implementing and certifying to ISO 27001 data protection with Bureau Veritas, companies can minimize security breaches and ensure data confidentiality. With additional ISO 27017 and 27018 based audits, organizations can specifically address cloud-based information concerns.

ISO 27701 - Privacy Management System Certification

In today’s increasingly connected world, consumers generate massive volumes of data each day. Concern is mounting, however, over how companies capture, use and protect this data. Consumers are demanding greater transparency from businesses about the data they collect – and regulators are taking action. Certification to ISO 27701 assures stakeholders that your organization takes data privacy seriously.

Cloud Security

Bureau Veritas now offers the CSA STAR Certification for Cloud Security. The Cloud Security Alliance (CSA) is the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. Bureau Veritas North America has signed CSA STAR Certification contracts with companies such as FASTWEB SpA in Italy and IBM Enterprise & Security Services in North America, with more contracts to follow. For additional information please contact Ali Dincmen and Jaclyn Lueck.

ISO 22301 - Business Continuity Management System Certification

Implementing ISO 22301 helps companies mitigate property and revenue loss, reduce legal risks and maintain cash flow in the face of operational failures. Certification to the ISO 22301 standard helps you demonstrate the resilience of your business to unexpected delays.&

ISO 37001 - Anti-bribery Management System Certification

Countries are increasingly adopting anti-bribery standards, with harsh penalties for non-compliance. Certification to the ISO 37001 standard, an Anti-Bribery Management System, helps companies identify bribery risks, implement proportional controls and monitor their efficacy across an organization.

people walking through building, numbers overlayed for dramatic effect

Data Protection Certification and GDPR

Bureau Veritas offers a Data Protection Certification Scheme based on a Technical Standard to help companies comply with the EU’s General Data Protection Regulation (GDPR) and other emerging data protection laws. By receiving certification for Data Protection, companies ensure compliance with equivalent regulations worldwide.

ISO 55001 - Asset Management System Certification

Businesses are responsible for numerous physical and non-physical assets, which must be protected and used efficiently. Certification to the ISO 55001 standard can help you identify areas for improvement throughout the asset lifecycle and create a culture of transparency among stakeholders.

The Security, Trust, Assurance, and Risk (STAR) Registry is a publicly accessible registry that documents the security and privacy controls provided by popular cloud computing offerings. STAR encompasses the key principles of transparency, rigorous auditing, and harmonization of standards. Publishing to the registry allows organizations to show current and potential customers their security and compliance posture, including the regulations, standards, and frameworks they adhere to. It ultimately reduces complexity and helps alleviate the need to fill out multiple customer questionnaires.