Just today, we announced external certification of ISO 27001:2005 compliance. This certification is the latest in a decade-long series of third-party, audit-based accreditations we have sought and attained at Aon eSolutions. I encourage you to read our press release for more information.
I wanted to leverage the Aon eSolutions blog to further discuss a point we make in the press release: With independent certification, our clients are now assured that “ISO information security standards are an integrated component of all [Aon eSolutions’] business processes and technology systems.”
Why is this an important point for risk and insurance managers and the information technology, audit, compliance and security teams they work with? The short answer, which I’ll develop more fully in this post, is that many of the high-profile data breaches you read about in the news are caused not by external hackers, but rather by broken business processes and lack of policies and procedures. Certification of ISO 27001:2005 assures Aon eSolutions customers that our business processes and polices include the components of this strong and robust standard.