At ELEARNINGFORCE International (EFI), we are awarded with the ISO/IEC 27001:2013 certification for our Information Security Management System (ISMS) used for the provisioning and development of LMS365.
We will review the ISMS policy at least annually to respond to any changes in the risk assessment or risk treatment requirements. In this article, we will describe ISO/IEC 27001:2013 and EFI's certification and commitment to continuously comply with the requirements of the policy.
ISO/IEC 27001 lays out requirements for establishing, implementing, maintaining and continually improving an information security management system (ISMS). The purpose of this is to aid organizations secure their information assets.
EFI's certification and commitments
At EFI, we have received the ISO/IEC 27001 certification for operating an ISMS that complies with the requirements of ISO/IEC 27001 for the following scope:
"ELEARNINGFORCE International's Corporate Information security management system used for the provision and development of a SAAS-learning management system (LMS) that provide Course & Content Management, Support Multiple Course Types & Learning Styles, Reporting & Tracking, Training Plans and Certifications & Compliance. This in accordance with Statement of applicability V. 3.0, dated 20210625."
EFI's ISMS is intended to be an enabling mechanism for information sharing, for digital operations, and for reducing information-related risks to acceptable levels.
With our ISMS, we practice an ongoing commitment to protect the confidentiality, integrity, and availability of all the physical and digital information assets throughout EFI. This is done in order to preserve the competitive edge, cash-flow, profitability, legal, regulatory & contractual compliance, and commercial image of EFI.
Information and information security requirements will continue to be aligned with these goals of EFI. We are audited against the standard every year by an independent third party, and will review the ISMS policy at least annually to respond to any changes in the risk assessment or risk treatment requirements.
Please see our ISO/IEC 27001 certification here: