TravelBank Demonstrates Commitment to Security and Privacy with New ISO 27001 Certification
Digital transformation has accelerated significantly in the last year due to the rise in distributed workforces, a result of the ongoing COVID-19 pandemic. More people and businesses are conducting sensitive operational business matters online, making the need for secure platforms that much more critical.
Today, we’re excited to share that TravelBank has successfully completed certification to the ISO/IEC 27001:2013, demonstrating that our team has invested in the people, processes and technology to protect the organization’s data, as assessed by an independent, objective, third-party expert, A-LIGN.
A-LIGN is an ISO / IEC 27001 certification body accredited by the ANSI National Accreditation Board (ANAB) to perform ISMS 27001 certifications. Upon completing the auditing process, A-LIGN found TravelBank to have technical controls in place and formalized IT Security policies and procedures.
Table of Contents
Achieving ISO 27001 Certification
For those who are not familiar, ISO/IEC 27001:2013 is a globally recognized standard for the establishment and certification of an organization’s information security management system (ISMS). The globally recognized framework establishes processes for organizations to implement, monitor, operate, monitor and maintain the ISMS in accordance with the organization’s cyber risk tolerance.
In order to achieve this certification, TravelBank went through two stages:
- Stage 1: A week long policy and process review to determine the readiness of our ISMS framework to undergo the full audit in Stage 2.
- Stage 2: An audit that includes in-depth testing to determine that the ISMS framework has been implemented appropriately, and is monitored and maintained per the ISO 27001 standard requirements and internal policies and procedures.
The third and fourth stages include time surveillance audits and re-certification.
Why does this matter?
Data security has been a core tenet of TravelBank culture since day one. We’re committed to providing a secure platform for managing expense and travel data, while delivering world class products and services. As TravelBank CTO Reid Williams shared in the press release, “Safeguarding our users’ data and privacy is our number one concern. It is very important to us that our customers feel safe and that they can completely trust TravelBank in how we store, handle and use their employees’ data.”
The ISO/IEC 27001:2013 certification is not an industry requirement but TravelBank invested the time and resources to achieve this certification to give users peace of mind and demonstrate that company’s commitment to providing the finest and most secure platform to our partners and customers. This new designation makes TravelBank one of the few travel and expense companies to go through this exceedingly diligent process.
Learn more about TravelBank’s commitment to security.