Leader in compliance automation adds third certification in less than two years to internal compliance program
SAN DIEGO, April 13, 2022 /PRNewswire/ -- Drata, a next-gen security and compliance automation company, today announced it has achieved ISO 27001/IEC 27001:2013 certification, adhering to the requirements for establishing, implementing, maintaining, and continually improving an information security management system (ISMS) for Drata's internal compliance program. Drata is now compliant with three standards, in addition to SOC 2 and GDPR.
"As a leader in compliance automation, embodying the security best practices that we advocate to our customers is incredibly important to how we operate internally at Drata," said Ross Hosman, CISO at Drata. "Drata becoming ISO 27001 certified is another testament to our investment in security and commitment to building trust with our customers."
ISO 27001 is an international compliance standard designed by the International Standards Organization (ISO) with the intention of applying to companies of all sizes and industries. The ISMS proposed by the ISO should maintain the confidentiality, integrity, and availability of information via a risk management strategy, and should factor information security into the company's design of processes, information systems, and controls. The certification process consists of two audit stages to properly validate the efficacy and implementation of the company's policies and controls. Depending on company size, ISO 27001 certification can traditionally be completed in between three and 12 months. Shortly after a year since its public launch, Drata achieved ISO 27001 certification, issued by Aprio, in four months.
For more on Drata's ISO 27001 certification, please visit: drata.com/our-path-to-iso-27001.
About Drata
Drata is the world's most advanced security and compliance automation platform with the mission to help businesses earn and keep the trust of their users, customers, partners, and prospects. With Drata, companies streamline SOC 2, ISO 27001, HIPAA, PCI DSS, and/or GDPR compliance through continuous, automated control monitoring and evidence collection, resulting in a strong security posture, lower costs, and less time spent preparing for annual audits. The company is backed by ICONIQ Growth, Alkeon Capital, Salesforce Ventures, GGV Capital, Cowboy Ventures, Leaders Fund, Okta Ventures, SVCI, SV Angel, and many key industry leaders. For more information, visit drata.com.
