BPM LLP, the public accounting and advisory firm, has received ISO 27001 certification for its Security Operation Center (SOC), validating its “commitment to and investment in information security and data protection for clients”.
ISO 27001 is an international standard that helps organizations manage their data security and provides a framework for implementing information security management systems to ensure the confidentiality, integrity, and availability of corporate data.
BPM said its Security Operations Center (SOC) is an “innovative, fully managed SOC-as-a-Service (SOCaaS) offering that allows clients to offload some of the burden of cybersecurity and data protection”. Further, it claims the volume and domain specificity of BPM’s SOC business allows its team to provide services “more efficiently than most in-house teams, resulting in greater cost savings for clients”.
Behind the now-certified SOC is BPM’s IT Security and Compliance Advisory team, which has a wealth of experience preparing and onboarding clients to the BPM SOC, establishing onsite SOCs at client locations, and guiding business leaders through data security considerations and breaches.
To receive ISO 27001 certification, an organization must be audited by an authorized third-party to verify its information security expertise. Auditors review the organization’s practices, policies and procedures to assess whether it satisfies all requirements for certification.
The certification lasts three years, and organizations are reviewed annually as part of a continual audit process. Schellman and Company audited and certified BPM’s SOC as meeting or exceeding the ISO 27001 standards.
Sarah A. Lynn, head of BPM’s IT Security Advisory practice and partner in charge of its Fairfield office, said: “We are excited our SOC has achieved this highly regarded certification.
“At BPM, we take great care of our clients’ sensitive data—we will wear this certification as a badge of honor and will continue to demonstrate a rigorous information security process