How We Ensure Information Security and Keep Up Quality Standards with ISO 27001:2013 and ISO 9001:2015

How We Ensure Information Security and Keep Up Quality Standards with ISO 27001:2013 and ISO 9001:2015

MANTA Business We Are MANTA
January 6, 2021

Leveraging automated lineage provided by MANTA surely helps organizations enhance their data quality and increase its security.  But we also believe that when it comes to quality and security, they should be applied to a broader spectrum of cases, including the way companies operate. At MANTA, we live up to our principles, so we got ISO 9001:2015 and ISO 27001:2013. Here’s how we enforce them and what it means to everyone doing business with MANTA, from our customers, partners, and employees to those who just swing by our website or digital events.

ISO 27001:2013—Safety First!

To be ISO 27001:2013-compliant it’s necessary to implement an ISMS—information security management system. Having such a system gives us a better understanding of what data we store, where we store it, whether it’s safe, and what data formats we store. Having a complete overview of every nook and cranny of the environment allows us to fend off security threats, make sure that our ISMS’s scope is complete, align security controls with any third-party data processors, and make sure that all the necessary legal documentation is in place. What does that mean for our customers and employees? That their data is being managed and protected according to the highest security standards so we can minimize the risk of data falling into the wrong hands and that in the unlikely event of a data incident, we will take immediate, proper action to mitigate the issue. We also strictly control access rights and make sure that all confidential information that has been shared with us is used according to its purpose.

We work with customers and partners from all around the globe. Therefore, we are obliged to comply with various data-related regulations. Having the ISMS in place enables better governance of the sensitive data we process, which helps us comply with data protection acts of all kinds.

We trust our employees, but trust is not enough to make sure that sensitive data is handled with proper care and according to the legal requirements that MANTA is obliged to comply with. To ensure this proper care, every MANTA team member starts their journey with us by completing thorough security training that is repeated annually.

On a more technical note, tightening network security is our IT team’s top priority. From the very beginning of MANTA, we’ve been following a security policy that is continually being reviewed and updated in a way that allows the team to eliminate information security incidents. On top of the standard measures, we also monitor cybersecurity trends and perform regular penetration testing so we can spot and eliminate security weaknesses, adjust our policies accordingly, and continue to remain ISO 27001: 2013 compliant.

ISO 9001:2015—Top Quality

Along with ISO 27001:2013, we got ISO 9001:2015 certified. ISO 9001:2015 sets out the requirements to achieve effective quality management in an organization. IT covers the following principles of quality management.

  • Engagement of people
  • Customer focus
  • Leadership
  • Process approach
  • Improvement
  • Evidence-based decision making
  • Relationship management

Implementing these principles in our day-to-day operations allows us to provide top-quality products and roll out frequent updates. Streamlining our processes according to ISO 9001:2015 allows us to release a new version of MANTA every quarter that always contains new features and improvements that are developed based on user feedback and needs. Engaging our employees, giving them a voice, and encouraging them to speak up allows us to come up with new, fresh angles on the issues that we stumble upon daily and to resolve them in a heartbeat. All in all, teamwork makes the dream work, and fueling the said work with ISO 9001:2015 principles allows us to improve communication, increase every team’s efficiency, minimize mistakes, and schedule frequent releases that address our customers’ and suppliers´ real needs.

The journey to being ISO 27001 and 9001 certified, especially collecting the necessary documentation, is definitely not the easiest one, but it’s worth it. Because we have our information security under control, our IT team doesn’t lose sleep over possible security breaches. It also allows us to make sure that all sensitive data is handled with proper care and that data owners are held accountable for their actions. Designing our processes in accordance with these quality management principles allows us not only to work fast and efficiently, but what’s more important, to deliver the product that is meant to make our customers’ lives easier based on their needs and feedback, and not what we think or assume would be useful for them.

Read more about our Quality Policy, Information Security Policy, and the certificates we hold here. Would you like to know more about the work culture at MANTA? Check out our careers page to learn more about us, our values, and our current job openings.

Zosia Szczech

Content Specialist at MANTA