New Report: The 2022 Gartner® Market Guide for IT Vendor Risk Management Solutions

Prevalent Achieves ISO 27001 Certification for Information Security Management

Globally recognized certification demonstrates Prevalent’s continued commitment to customer and partner security
September 07, 2022
Blog prevalent iso 27001 certification 0922

PHOENIX, AZ - September 7, 2022 – Prevalent, Inc., the company that takes the pain out of third-party risk management (TPRM), today announced it has achieved ISO/IEC 27001:2013 certification for information security management. Established by the International Organization for Standardization (ISO), the ISO 27001 certification follows a globally recognized standard that provides a model for establishing, monitoring and improving an information security management system.

ISO 27001 certification is indispensable for monitoring, reviewing, maintaining and improving a company’s information security management system, and provides customers and partners with greater confidence in their relationship with Prevalent.

ISO 27001 certification required that Prevalent:

  • Systematically examine information security risks, taking account of the threats, vulnerabilities and impacts;
  • Design and implement a coherent and comprehensive suite of information security controls and/or other forms of risk treatment (such as risk avoidance or risk transfer) to address those risks that are deemed unacceptable; and
  • Adopt an overarching management process to ensure that the information security controls continue to meet the organization's information security needs on an ongoing basis.

As part of the ISO 27001 information security controls and systems audit, the company used its own Prevalent Third-Party Risk Management Platform to create an information security management system (ISMS) to track all aspects of risk, documentation, key performance indicators (KPIs), tasks, schedules, and requirements for its IT security needs. Prevalent customers can leverage this capability to address their ISO certification reviews as well.

The Prevalent Third-Party Risk Management Platform is a SaaS solution that enables companies to automate the critical tasks required to onboard, assess, manage, continuously monitor and remediate third-party security, privacy, compliance, operational and procurement-related risks across every stage of the vendor lifecycle.

“This certification reinforces our commitment to the highest principles of information security,” said David Allen, chief information security officer for Prevalent, Inc. “ISO 27001 certification provides our customers with peace of mind that our policies, standards and processes meet rigorous compliance requirements, while protecting their information across the industry’s most comprehensive third-party risk management platform.”

For more information about Prevalent’s ISO 27001 certification, 21074-ISMS-001, please read the latest company blog.

About the International Organization for Standardization (ISO)

The International Organization for Standardization (ISO) is an independent, non-governmental, international body that develops standards to ensure the quality, safety, and efficiency of products, services, and systems. With 24,375 standards and 167 countries represented, it is a hallmark of excellence and innovation for those who carry its certification.

About Prevalent

Prevalent takes the pain out of third-party risk management (TPRM). Companies use our software and services to eliminate the security and compliance exposures that come from working with vendors and suppliers and throughout the third-party risk management lifecycle. Our customers benefit from a flexible, hybrid approach to TPRM, where they not only gain solutions tailored to their needs, but also realize a rapid return on investment. Regardless of where they start, we help our customers stop the pain, make informed decisions, and adapt and mature their TPRM programs over time.

Media Contact

Angelique Faul, Silver Jacket Communications, 513-633-0897, angelique@silverjacket.net