Wrike successfully completes five BSI certifications
BSI, the world's leading certification body, has audited Wrike against five international standards: ISO 27001, ISO 27017, ISO 27018, ISO 27701, and STAR
Wrike became the first company to receive certificates of compliance from BSI for five international standards at once: ISO 27001, ISO 27017, ISO 27018, ISO 27701, and STAR.
The certificates were issued based on the results of an audit conducted by an international expert team of the British Standards Institution (BSI). Confirmation of compliance with these standards ensures maximum control over the security of the organization and strengthens the trust of customers in the Wrike platform.
Wrike has confirmed compliance with the following standards:
- ISO/IEC 27001 Information Security Management
It helps organizations manage and protect their information assets so that they remain safe and secure
- ISO/IEC 27017 – Code of practice for information security controls
Provides enhanced controls for cloud service providers and cloud service customers. This standard clarifies both party’s roles and responsibilities to help make cloud services as safe and secure as the rest of the data included in a certified information management system.
- ISO/IEC 27018 – Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors
Protecting personally identifiable information in the public cloud.
- ISO/IEC 27701 – Privacy Information Management System
This standard is a privacy extension to ISO/IEC 27001 Information Security Management and ISO/IEC 27002 Security Controls. An international management system standard, it provides guidance on the protection of privacy, including how organizations should manage personal information, and assists in demonstrating compliance with privacy regulations around the world.
- CSA STAR is a unique new scheme developed to address specific issues relating to cloud security as an enhancement to ISO/IEC 27001. CSA STAR Certification will provide reassurance as it requires the organization to address the specific issues that are critical to cloud security, and the maturity model assesses how well managed the activities in the control areas are.
Director of Application and Information Security at Wrike, Dmitry Desyatkov commented on this:
«Wrike is a comprehensive platform with great potential and use cases for projects of any scale and complexity. A lot of specialists are involved in everyday platform improvement and engage our customers to achieve ambitious goals even despite remote work. With great responsibility for our valued customers, we are very focused on integrating security and privacy management systems as a consistent part of the Product life cycle. Usage of the Wrike platform to support our security activities allowed us to simplify a wide range of security requirements to become a transparent and usual process flow for everyone. I believe that achieving these certificates is a good side effect of doing things right. »
«From the beginning of our compliance journey we had an interesting challenge to scale modern agile approaches to be both effective and meet well-known industry requirements, — Julia Omelyanenko, Compliance Manager, Security at Wrike, told us — We focused on dependencies we have between our processes to make them more simple and understandable across the team. It was an interesting experience to demonstrate the core ISMS and PIMS processes established within our platform, that we develop, and also conduct the remote external and self-assessments themselves through our platform. Apart from our minimum-bureaucracy integrated risk management approach, we were able to align our internal controls to multiple frameworks at the same time. »
« The British Standards Institution (BSI) is one of the oldest and mature certification bodies. Though Wrike may be seen as a pretty young company, considering common trends, Wrike has demonstrated continuous improvement of the maturity of internal processes and committed it by successfully passing the certification audits even for the newest industry standards. », — David Fardel, General Manager of the BSI MS CIS, concluded.