Amman, Jordan, 16th October 2016: Aramex, a leading global provider of comprehensive logistics and transportation solutions, has achieved certification of the internationally recognized standard, ISO/IEC 27001:2013, Information Security Management Systems (ISMS).
The certificate was granted by the British Standards Institution (BSI), a Royal Charter Company and founding member of ISO following a rigorous auditing process of Aramex’s Global Support Services and Data Centers worldwide. This achievement demonstrates that Aramex increased its resilience and commitment to deliver the highest standards of Information Security.
ISO 27001:2013 is the strictest international standard available in information security management, enabling companies to certify the security practices they adopt within their organization. This requires a systematic examination of an organization’s information security risks, taking into account any threats or vulnerabilities. To achieve this certification, the organization must show a continuous and structured commitment towards managing sensitive corporate and customer information. The certification of this standard demonstrates Aramex’s comprehensive suite of security controls and how its management processes ensure these controls continue to meet internal and external stringent security needs.
Iyad Kamal, Chief Operating Officer of Aramex said, “We are delighted to have achieved this prestigious certification. It comes as a result of employing the latest data protection and information security management systems, and investing in latest world-class technologies to minimize all potential risks for the benefit of our customers. We will remain committed to ensuring we meet the most stringent security requirements and fostering a security culture within our organization.”
ISO/IEC 27001:2013 is an international standard prepared to provide a model for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an ISMS. The governing principle behind ISMS is that an organization should design, implement and maintain a coherent set of processes and systems to manage risks to its information assets, thus ensuring acceptable levels of information security, usually summarized as confidentiality, integrity and availability. It also includes requirements on how to assess and address information security risks tailored to the needs of each organization.