HCL Software Compliance
HCL Software are committed to delivering secure environments to all our customers. In support of this commitment we have developed an Information Security Management System (ISMS) to drive consistency in approach across all of our products and services. Our ISMS allows us to set standards for security and measure our levels of compliance both internally and externally. One of our key external measures is the achievement of compliance certifications listed below.
ISO 27001 specifies a management system that is intended to bring information security under management control through specific requirements. Organizations that meet the requirements are certified by an accredited agency. By using a structured approach to defining and meeting the security requirements and a formal approach to risk management, organizations are able to minimize impacts to their information and assets, and give confidence to interested parties that security requirements are in place and being met.
The ISO 20243 standard is aimed at mitigating Maliciously Tainted and Counterfeit Products, combined with consistent and vigilant cybersecurity practices provides a roadmap for enhanced market-valued solutions. The standard is focused on verifiable processes and implementation proof points to address the concerns of customers, integrators, suppliers, auditing, regulatory organizations, as well as best practices for implementation. Organizations that meet the requirements are certified by an accredited agency. By using a structured approach to defining verifiable processes and best practices, organization are able to minimize cybersecurity impacts on their products and give confidence to interested parties that evidence-based verification is in place and being met.