Information Security Management System, certification and Global Security team ensure protection, integrity and availability of client data; Company remains first and only ISO 27001-certified independent support provider
LAS VEGAS, April 13, 2016 – Rimini Street, Inc., the leading global independent provider of enterprise software support services for SAP SE’s (NYSE:SAP) Business Suite, BusinessObjects and HANA Database software and Oracle Corporation’s (NYSE:ORCL) Siebel, PeopleSoft, JD Edwards, E-Business Suite, Oracle Database, Oracle Middleware, Hyperion, Oracle Retail and Oracle Agile PLM, today announced that it has again successfully completed the annual ISO/IEC 27001:2013 certification audit process (ISO 27001), achieving a result of “zero non-conformities” for the third consecutive year since incorporating this rigorous information management security process. To protect the assets and confidential data of Rimini Street, its prospects, clients and business partners, Rimini Street implemented a formal Information Security Management System (ISMS) under the ISO 27001 framework across the enterprise and has been officially certified since April 2013. Rimini Street remains the first and only ISO 27001-certified provider of independent enterprise software support services. The scope of the certification includes global provisioning of third-party software maintenance services including client on-boarding, delivery of support services and client engagement.
Information Security Certification is Critical Vendor Requirement
ISO 27001 is the most rigorous and recognized international standard for implementing and managing security controls that protect information assets. Organizations across the globe need to manage and protect their sensitive information, and as a result, ISO 27001 certification has increasingly become a requirement for doing business with many enterprises. Both public and private sector organizations are placing a high priority on hardening their internal information security and management systems, and are setting a requirement that their IT partners be ISO 27001 certified before qualifying as a trusted IT vendor, and allowing connection to their networks and access to their sensitive data
Company Committed to Safeguarding Data Confidentiality, Integrity and Availability
The Rimini Street ISMS is based on vital administrative, technical and physical safeguards including personnel screening, physical and environmental security, IT operations, asset and information management, ongoing security training and risk assessment. Rimini Street makes a significant investment in its ISO information security management system and certification, including a 24x7x365 Global Security workforce. Clients and partners across the globe have confidence knowing that Rimini Street has an extensive security and compliance framework and staff, and is committed to the confidentiality, integrity and availability of their data. Rimini Street’s ISMS also ensures clients, partners and stakeholders that Rimini Street is capable of fulfilling its commercial, contractual and legal commitments.
“Our relentless drive to deliver the highest quality, most secure experience to Rimini Street clients and partners around the world is reflected in the successful completion of our third annual, global ISO 27001 certification,” said Steven Salaets, global vice president, HR, Security, Risk & Compliance, Rimini Street. “The achievement of a perfect score for the third year running, means that our clients can rest assured in the knowledge that we have and maintain the rigorous controls needed in today’s world to protect the confidentiality, integrity and accessibility of their sensitive data.”
The ISO 27001 certification was carried out by Bureau Veritas, a respected global, independent, accredited auditor. To maintain the certification, Bureau Veritas verified that Rimini Street systematically assessed and mitigated any potential information security risks, including threats, vulnerability and impacts. Rimini Street demonstrated it has established a comprehensive suite of wide-ranging information security capabilities, processes and controls, and has adopted a management process to continuously evaluate and improve information security capabilities as the threat landscape evolves.
About The ISO 27001:2013 Standard
The ISO 27001:2013 standard was published in September 2013, and supersedes the ISO 27001:2005 information security standard. The new standard puts more emphasis on measuring and evaluating how well an organization’s Information Security Management System is performing, and includes a new section on outsourcing, taking into account that many organizations rely on third parties to provide various IT services.