QuestionPro becomes ISO 27001 certified

In this era of data breaches, data sharing, and data hacks, we at QuestionPro wanted to go above and beyond the call for data security. Since the importance of our own internal data assurance and the security of our clients’ data has always been a top priority, we have taken the necessary steps to go through the training, processes, and certification for our ISO 27001.

The importance of an ISO certification on a global scale

The ISO 27001 is managed by the ISO and IEC subcommittee who have a global reach. Working with over 164 countries and implementing over 20,000 thousand standards since 1947. This history and prowess built some of the most widely recognized international standards we know today. While ISO establishes the actual standards, an external certification body provides the certifications. 



These graphics above from the British Standards Institution (BSI) show the impact that an ISO certification can have on a business. We worked with BSI to gain our accreditation, and you can check our certification status here.

Why is this important to our customers

Without an information security management system (ISMS), controls tend to be somewhat disorganized and disjointed, having been implemented often as point solutions to specific situations or only as a matter of convention.

As a customer-centric company, the security of our customer’s data has always been a top priority. Going through this standardization process is not just a one-time occurrence but now an ongoing verification that our standards are still in place and can be improved upon. 

  • An ISO certification is the de facto international standard for Information Security Management. This demonstrates a clear commitment to our customers and stakeholders about how importantly we take security.
  • It can provide compliance with, or certification against, a recognized external standard that can often be used to demonstrate due diligence.
  • This shows we have assessed possible risks and have plans ready to mitigate a breach.
  • We have been independently assessed to an international standard based on industry best practices.
  • For customers, there are no additional actions required. We’ve done all the heavy lifting and applied ISO security and privacy protocols to every account.
  • If your organization requests a security audit, then you can pass along our ISO certification status to review for approval. 

Going through this certification process demonstrates a clear commitment to our customers and stakeholders about how importantly we take security. For companies operating on a global scale, this puts us in the company of others who value data security. We look forward to embracing these standards and models for data security on a global scale. 

Read the global press release here.