Information Security & ISO 27001

Our Commitment to Information Security

Our Commitment to Information Security

Independent Information Security Rating Institute (IISRI®) takes information security seriously. Protecting the confidentiality, integrity, and availability of information is fundamental to our mission and to the trust placed in us by clients, partners, and stakeholders worldwide.

We operate an Information Security Management System (ISMS) that governs how we manage people, processes, technology, and data across our organisation.

ISO/IEC 27001 Background

IISRI® was previously certified to ISO/IEC 27001 for its Information Security Management System, covering:

  • Internal and external rating services
  • Assessment management systems
  • Supporting people, processes, infrastructure, hardware, and software

This certification demonstrated alignment with internationally recognised best practices for information security management.

Previous ISO/IEC 27001 Certificate

Download our previous ISO 27001 certificate (expired). This certificate is provided for historical reference and demonstrates our longstanding commitment to information security.

Download Certificate (Expired)

Current Certification Status

While IISRI® is not currently certified, we are actively undergoing ISO/IEC 27001:2022 certification, with formal certification planned for February 2026.

The transition to ISO/IEC 27001:2022 reflects:

  • Changes in the threat landscape
  • Updated Annex A controls
  • Stronger focus on governance, risk, and operational resilience

Our ISMS continues to operate and evolve in line with ISO 27001 principles during this certification process.

What This Means for Our Clients

Even while certification is in progress, IISRI®:

Structured Policies

Maintains structured information security policies and procedures

Risk-Based Controls

Applies risk-based controls aligned with ISO 27001 requirements

Continuous Improvement

Conducts internal reviews and continuous improvement activities

Security-by-Design

Embeds security-by-design across services and platforms

Our approach ensures that information security is not a checkbox exercise, but an integral part of how we operate and deliver value.

Transparency & Trust

We believe transparency builds trust. That is why we clearly communicate our certification status and do not make claims beyond what is accurate and verifiable.

Upon completion of ISO/IEC 27001:2022 certification, this page will be updated accordingly.

Scope of Our Information Security Management System

Our ISMS covers IISRI®'s core activities, including but not limited to:

Rating Services

Security rating and assessment services

Platform Management

Platform and data management systems

Corporate Functions

Supporting operational and corporate functions

This ensures a consistent, organisation-wide approach to managing information security risks.

Continuous Improvement

Information security is a journey, not a one-time milestone.

Our ISO 27001:2022 certification initiative is part of our broader commitment to:

Continuous Improvement
Regulatory Alignment
Stakeholder Confidence

Questions About Our Information Security?

Contact us to learn more about our ISO 27001:2022 certification journey and ISMS.

Contact Us