What makes ISO/IEC 27701:2019 Certification different from ISO/IEC 27001:2022 Certification?

 ISO 27000 family of standards covers a broad spectrum of business activities from information security to data privacy. However, 27000 family standards apply to all organisations and are mandatory for businesses collecting and complying with huge amounts of users’ data. The entire world is swiftly transforming into a more connected and digital interface to provide users with better facilities and make life more comfortable.

The full name of the ISO 27000 family is the ISO/IEC 27000 family of standards, as these standards are jointly formulated and published by the International Organisation for Standardisation and the International Electrotechnical Commission (IEC).

A list of significant standards that are part of ISO 27000 family ⮯

1.ISO/IEC 27001:2022 Certification for Information Security Management Systems (ISMS)

2. ISO/IEC 27701:2019 Certification for Privacy Information Management Systems (PIMS)

3. ISO/IEC 27002:2022 Certification- extension to ISO/IEC 27001 and ISO/IEC 27701

What is ISO/IEC 27001:2022 Certification? ⮯

ISO/IEC 27001:2022 Standard for Information Security Management Systems (ISMS) outlines the requirements for an organisation to adopt and implement appropriate security controls to attain information security. The standard provides the organisation with the best sets of practices and measures to safeguard the vast amount of users’ data. However, the certification not only demonstrates the organisation’s adherence to the information security regulations but also showcases its responsible behaviour towards the users’ data.

An effective information security system within the organisation regularly monitors and ensures the following aspects:

It requires an organisation to conduct a risk assessment to identify the potential threats and risks to the valuable data assets.

The next step after conducting a risk assessment is to outline appropriate strategies and frameworks to address and eliminate the identified data security risks and threats.

An organisation must evaluate, monitor, and analyse the effectiveness of the implemented security controls and tools to ensure information and data security.

Lastly, the principle of continuous improvement is the cornerstone of ISO/IEC 27001 to attain the intended outcome.

What is ISO/IEC 27002:2022 Certification? ⮯

ISO/IEC 27002 is an extension to ISO/IEC 27001 and ISO/IEC 27701 certifications that aims to provide the organisation to establish, implement, and improve security controls to enhance cybersecurity. Additionally, ISO/IEC 27002 forms part of Annex A Controls of ISMS and provides the organisation with better controls and practices to protect and safeguard users’ data.

What is ISO/IEC 27701:2019 Certification? ⮯

ISO/IEC 27701:2019 Certification is an internationally known for Privacy Information Management Systems (PIMS). The standard guides organisations, including Information Technology (IT) Companies, such as SaaS and Cloud Computing, to comply with privacy and information regulations. Moreover, ISO/IEC 27701 outlines the framework for Personally Identifiable Information (PII) controllers and Personally Identifiable Information (PII) processors to maintain users’ data privacy.

ISO/IEC 27701:2019 certification aligns with the General Data Protection Regulation (GDPR) to give users the right to access personal information. Moreover, it allows users to manage who can see their confidential data and how and where to use it.

Why should organisations go for ISO/IEC 27701:2019 certification even though they have ISO/IEC 27001:2022 Certification? ⮯

Information Security Management System and Privacy Information Management Systems seem to be the same on the surface; however, they are two different yet significant sides of the same coin: data protection. Privacy is a user’s personal information and how s/he allows the other party to access and view it. However, security means protecting the collected and stored data and information with the various organisations. Cybersecurity encompasses both privacy and information security and helps organisations safeguard data against unauthorised access to eliminate leaks and data breaches. Organisations can find the data protection concepts and regulations in ISO/IEC 27701. However, ISO/IEC 27701 is also a part of the security requirements of ISO 27001 standards. Organisations need to define baselines for 27001 to build 27701 policies, processes, and implementation technologies. Hence, it becomes necessary for organisations to obtain ISO/IEC 27701:2019 Certification despite having ISO/IEC 27001:2022 Certification due to the following reasons:

Information Security Management System (ISMS) ensures the protection of the valuable data assets of clients and customers. Moreover, the certification provides the organisation with essential resources and controls to manage information security. ISO/IEC 27001 also establishes a flexible framework for oversight and establishing accountability within the organisation’s information security procedures.

ISO/IEC 27701 outlines the framework for a Privacy Information Management System (PIMS). Furthermore, since the PIMS includes many of the ISMS’s key components, it is an extension of the organisation’s existing ISMS. Businesses need to ensure expanding 27001 controls to meet the criteria while drafting policies and procedures for data protection.

Conclusion ✅

ISO/IEC 27701:2019 and ISO/IEC 27001:2022 certifications work together to provide organisations with better security controls to ensure information security and data privacy. However, the purpose and objective behind publishing both standards vary, as one works to provide tools and controls to attain information security. Whereas the other ensures the protection of users’ private and confidential information.

source - https://www.siscertifications.com/difference-between-iso-27701-and-27001-certification/

Significance of ISO 41001 for Industries Globally

 ISO 41001:2018 is the internationally recognised standard used worldwide related to the Facility Management system(FMS). The standard offers a framework for managing facilities effectively and economically, and it addresses every facet of facility management, from planning and design to operation and maintenance. Facility Management Systems may assist facility managers in enhancing operational effectiveness, resource allocation optimisation, safety and security enhancement, and regulatory compliance connected to building operations.

ISO 41001:2018 is relevant to all organisations regardless of sector, size or location. The best practices from throughout the world are examined and reported to develop the ISO 41001:2018 certification. This standard gives businesses a wide range of options for action that will enable them to deliver strategic planning at new standards, create tactics, and enhance new plant management.

ISO 41001:2018 helps industries ensure that their facility management processes are efficient and cost-effective. Additionally, it provides guidance on how to improve existing processes and ensure compliance with legal requirements. By implementing ISO 41001:2018, industries can demonstrate their commitment to providing quality services while also improving safety standards and reducing operational costs.

This makes it a valuable tool for any industry looking to improve its facility management operations on a global scale. Adopting this standard can bring numerous benefits to industries, including improved efficiency in managing resources, better communication between departments, and increased customer satisfaction.

However, there are several challenges related to adopting and implementing ISO 41001 in different organizations. These include the cost of implementation, lack of understanding about the standard, difficulty in measuring compliance, lack of resources to implement it effectively, and resistance from employees. Overall, having effective Facility Management Systems in place is essential for any industry looking to remain competitive in today’s global market.

Some of the core benefits of ISO 41001 for industries globally

Industries may reduce facility-related risks by identifying and addressing them with ISO 41001, which can help avoid mishaps, injuries, and other occurrences.

A facility management system standard eliminates trade restrictions and opens up the global market. It demonstrates a company’s capacity to integrate global best practices into its management system.

The standard provides guidance on developing policies and procedures that all stakeholders can use in the organisation. It provides higher efficacy and efficiency, which results in greater cost savings for the organisation.

It guarantees continued competitiveness on a national and worldwide scale.

It helps an organisation to adopt tools and approaches to manage the constantly evolving trends in infrastructure development.

Conclusion ✅

The importance of ISO 41001 lies in its ability to help organizations improve their facility management processes and reduce costs associated with managing their facilities. This leads to establishing a culture of increased productivity and increased profitability for businesses. It also helps in reducing environmental impact by minimizing energy consumption and waste production. It makes sure that organizations ensure compliance with local regulations and industry standards. Additionally, it can help organizations to improve their growth by providing better services and improved safety measures.

source - https://www.siscertifications.com/significance-of-iso-41001/

Tourism Development Fund Reinforces Commitment to Quality with Four ISO Certifications

 Riyadh, October 10, 2024, SPA -- The Tourism Development Fund (TDF), a key enabler in Saudi Arabia's tourism sector, has obtained four ISO certifications recognizing TDF's leadership in risk management, legal risk management, facilities management, and occupational health and safety, according to a TDF press release.

This accomplishment underscores TDF’s commitment to maintaining high standards of quality and institutional excellence across its operations while supporting the goals of Saudi Vision 2030.

CEO of TDF Qusai Al-Fakhri remarked: "These certifications are a powerful endorsement of TDF’s commitment to excellence across all operational aspects. They are a testament to the efforts of our teams, who uphold the highest standards in risk management, employee well-being, and facility management. We remain focused on driving innovation and building a sustainable future for Saudi tourism, in line with the objectives of Vision 2030 and the National Tourism Strategy."

These certifications highlight TDF’s holistic approach to risk management, workplace safety, and operational excellence. The ISO 31000 certification recognizes TDF’s robust risk management framework, enabling effective navigation of financial, operational, and strategic risks to drive sustainable growth in Saudi Arabia’s tourism sector.

Furthermore, the ISO 31022 certification demonstrates TDF’s proficiency in legal risk management, safeguarding its operations and fostering long-term resilience by adopting a structured framework for identifying and addressing legal risks.

According to the release, TDF's commitment to employee health and safety is reaffirmed by the ISO 45001 certification, ensuring a safe working environment that boosts productivity and efficiency. Additionally, the ISO 41001 certification for facilities management highlights TDF’s excellence in managing physical assets, including security, maintenance, and safety protocols to create an optimal environment for employees and stakeholders.

These four ISO certifications represent a significant milestone in TDF’s continuous efforts to elevate Saudi Arabia’s tourism industry. "By adhering to the highest operational performance standards and institutional excellence, TDF is poised to play a central role in shaping a prosperous and sustainable future for tourism in the Kingdom, while maintaining its standing as a global leader," the release read.

source - https://www.spa.gov.sa/en/N2186227

Fentons Smart Facilities first in Sri Lanka to obtain ISO certification for Facility Management

ISO 41001:2018 – world’s first international FMS standard published in 2018

Fentons Smart Facilities Ltd., the Facility Management arm of Hayleys Fentons, reached yet another milestone by being accredited the ISO 41001:2018 certification from SGS Lanka Ltd., and becoming the first ISO-certified facility management service provider in Sri Lanka.

The ISO 41001:2018 certification, the world’s first standard for Facility Management Systems (FMS) outlines the best practices and requirements for an effective and efficient facility management system, highlighting the importance of integrating people, processes, places, and technology to create a sustainable and productive environment.

Hayleys Fentons Managing Director Hasith Prematillake commented on this achievement, highlighting the immediate and long-term benefits of excellent Facility Management practices, especially in the rapidly developing high-rise developments of Colombo. “As the demand for managing these facilities grows due to the proliferation of high-rise structures like shopping complexes, condominiums, and office buildings, FM will play a crucial role. Integrating Facilities Managers during the development phase can significantly reduce maintenance problems and costs post-occupancy. Proper Facility Management also contributes to factors such as human comfort, operational processes, sustainability, and cost control,” stated Hasith Prematillake “We are proud to be at the forefront of the facility management industry in Sri Lanka,” said Executive Director/CEO Sujith De Alwis. “ISO 41001: 2018 certification sets us apart and offers a powerful market differentiation, marking our dedication to adhering to internationally recognised standards and benchmarks. ISO 41001:2018 will be critically important as it will address areas such as human comfort in the building, operational processes and costs, and sustainability.”

Fentons will continue to solidify its reputation as a reliable and innovative partner for organisations seeking to optimise their operational environments.

source - https://www.ft.lk/business/Fentons-Smart-Facilities-first-in-Sri-Lanka-to-obtain-ISO-certification-for-Facility-Management/34-753954

Facilities Management System Certification - ISO Certification 41001:2018 for Kangean Energy Indonesia Ltd.

 Introduction

Colliers Indonesia Facilities Management team started its services for Kangean Energy Indonesia Ltd. in 2020. Kangean Energy Indonesia Ltd. already had a very specific vision and mission, which is to have the best Facilities Management applied in a company within the SKK Migas organization.

As part of SKK Migas, which has high standards in the office facilities management, Kangean Energy Indonesia Ltd. aims to exceed the standards by getting its Facilities Management System Certification – ISO 41001:2018 certification.

The ISO 41001 certification is an internationally recognized company standard or guide for facility management implementation. Kangean Energy Indonesia Ltd. is committed to doing its best in the field of Facility Management by implementing ISO 41001 standards. With this certification, Kangean Energy Indonesia Ltd. demonstrates its commitment to the long-term implementation of International Standard Facility Management. The ISO certification will be its first step toward this achievement.

Challenge

In order to reach the goal of being the best facility management within SKK Migas, there were several challenges our Facilities Management and Kangean Energy Indonesia Ltd team faced, such as:

Due to the pandemic, the certification and coordination process could not always be carried out directly and communication had to always be on point.

The team’s assessment and measurement processes were limited due to visiting restrictions and regulations during PPKM.

The site was closed a few times and there was limited visiting access.

Since the ISO certification that Kangean Energy Indonesia Ltd. wanted to achieve is still relatively new, so Colliers had to ensure that all certification components can be fulfilled and carried out properly.

Kangean Energy Indonesia Ltd. has a limited internal number of FM team members; therefore, all information and documents regarding the certification needs had to be aligned, especially in terms of technical matters, so that the assessment can meet its standards.

Strategy

In order to conquer the goals above, our team of experts applied a few strategies to ensure that Kangean Energy Indonesia Ltd. succeeded. The strategies were:

Optimize the usage of information technology for work efficiency, for both Colliers and Kangean Energy Indonesia Ltd., by having consistent online meetings and collaboration, while using a cloud drive to store all the documents.

Apply expertise to established efficient coordination with all parties involved (client, tenants, landlords, vendors, contractors, etc.)

Carry out all audit processes virtually.

Conduct awareness training to ensure The Kangean Energy Indonesia Ltd. team has a proper knowledge of ISO.

Implement preventive maintenance and corrective management in accordance with the agreed-upon response times.

Provide added value by involving the QHSE, Engineering, helpdesk, and sustainability teams under the supervision of the portfolio manager.

Apply expertise in conducting initial assessments by providing consultancy for best practice implementation and development of facility management systems, and help to prepare for the ISO certification by participating in internal audits.

Conduct gap analyses and develop a program for the internal team to close the existing gaps in order to meet the standard requirements as defined by the assessor in the audit process, namely BSI.

Result

In line with our value of ‘Be Experts’, Colliers provided a strong team to run the daily operation of facilities management to successfully assist Kangean Energy Indonesia Ltd. in obtaining its ISO certification. Kangean Energy Indonesia Ltd. was awarded the ISO 41001:2018 on June 23rd, 2022.

Aside from that, with Colliers assistance, Kangean Energy Indonesia Ltd. was also successfully initiated as the Best Facilities Management within SKK Migas in 2021.

source - https://www.colliers.com/en-id/news/e22-client-success-facilities-management-system-certification-iso-certification-41001-2018

Al Fajer Facilities Management receives ISO 41001 Certification

Al Fajer FM completed its ISO 41001:2018 certification, the World’s First International Facilities Management management System (FMS) in September 2019. The Accreditation ensures international best practices are evident across each functional department. The Audit was conducted by Das Certifications, A Renowned Certification Body in the Middle East . Al Fajer FM has demonstrated its ability to deliver upon the standards with efficient processes, skilled people and a healthy operational model.

Ms. Sangeetha, Dept. CEO, Al Fajer FM said, “Despite its ubiquitous nature, it has always been a challenge to quantify the quality and effectiveness of FM services.  The ISO 41000 will provide a standardised platform to assess and demonstrate the value that can be delivered by FM companies”

In 2019, Al Fajer FM has expanded its base to Abu Dhabi while also maintaining a good performance in 2019 by adding contracts worth more than AED 50 million.

Al Fajer FM has a proven track record of delivering FM services in the region for the last 12 years with focus on operational excellence, technology integration, client engagement, cost optimisation and innovation.

source - https://www.cbnme.com/news/al-fajer-facilities-management-receives-iso-41001-certification/

GEG and its Property Hotels Recognized for Green Initiatives and Certifications

 Galaxy Entertainment Group (GEG) has been recognized for its commitment to environmental protection and sustainable development. GEG has received various International Organization for Standardization (ISO) certifications from the British Standards Institution (BSI) for its facilities and environmental management. Banyan Tree Macau, Galaxy Hotel™, Hotel Okura Macau, and Galaxy International Convention Center (GICC), all properties of GEG, have also achieved EarthCheck Gold and Silver certifications for their environmental management performances.

 2024-05-21 Platform Studio

Share 

Banyan Tree Macau achieved the EarthCheck Gold Certification for the fifth consecutive year, while Galaxy Hotel™ and Hotel Okura Macau have received the EarthCheck Silver Certification. The certifications were jointly received by representatives from the awarding hotels.

BSI’s representative (second from left) presented the ISO certifications to representatives of GEG’s related departments.

GEG recently held the “Sharing GEG Sustainability Journey” event at GICC. Apart from introducing its recent green initiatives and accomplishments with team members, GEG also invited sustainability industry professionals to share insights on current practices and future trends in sustainable development and management.

To promote green initiatives and increase awareness among its team members, GEG recently organized the “Sharing GEG Sustainability Journey” event. Industry professionals were invited to share insights on sustainable development and management practices.

The event was attended by GEG’s management team members, executives from its property hotels, and members of the Energy and Environmental Management Committee.

GEG’s commitment to environmental sustainability has been acknowledged through multiple ISO certifications awarded by BSI, including ISO 41001 Facilities Management System, ISO 50001 Energy Management System, ISO 14001 Environmental Management System, and ISO 45001 Occupational Health and Safety Management System. Additionally, Banyan Tree Macau, Galaxy Hotel, Hotel Okura Macau, and GICC received EarthCheck Gold and Silver certifications for their outstanding environmental management performances.

Mr. Raymond Lui, Director of Enterprise Solution and Marketing of BSI, explained the values, benefits and certification standards of ISO certifications to hospitality enterprises.

Ms. Lucia Loposova, Executive Director of GREEN Hospitality, a sustainable development platform in Hong Kong, shared with team members the insights on the current status and future trends of the sustainable development in the Greater Bay Area and the global hospitality industry, in hopes of deepening team members’ understanding of green tourism.

Mr. Justin Li, Assistant Vice President of Sustainability and Technical Services of GEG, presented team members with the latest sustainability and environmental initiatives implemented by GEG.

During the event, GEG representatives highlighted the company’s latest sustainability and environmental initiatives. These include optimizing facility systems, introducing intelligent transportation robots to improve efficiency and reduce energy consumption and carbon emissions, and replacing plastic amenities with sustainable alternatives like bamboo.

GEG has also taken significant steps to reduce plastic waste by replacing single-use bath products with refillable or large-capacity containers, resulting in the replacement of over 18 million plastic amenities annually.

BSI representatives provided insights into the value and benefits of ISO certifications, while representatives from GREEN Hospitality shared information on sustainable development trends in the Greater Bay Area and the global hospitality industry. The objective was to deepen team members’ understanding of green tourism and sustainability practices.

You Might Be Interested In

GEG Title Sponsors Vitality Walk 2024, Celebrating Double Anniversaries

National Gold Medalists at Macau Vitality Walk 2024 by Galaxy Entertainment

GEG Donates MOP700,000 to Tung Sin Tong for the 21st Consecutive Year

GEG’s efforts in environmental protection and sustainable development have been recognized through various awards.

Last year, GEG received the Gold Award for Climate Change Initiative in the Sustainability and Social Responsibility Category from the Pacific Asia Travel Association and the Sustainability Award at the International Gaming Awards. GEG’s flagship properties’ hotels have also received Green Hotel Awards organized by the Environmental Protection Bureau of the Macau SAR Government and the Macao Government Tourism Office.

GEG remains committed to its philosophy of using community resources for the benefit of the community. The company will continue to improve its environmental sustainability performance and contribute to the development of Macau as a livable green city and a premier tourism destination.

source - https://www.plataformamedia.com/en/2024/05/21/geg-and-its-property-hotels-recognized-for-green-initiatives-and-certifications/

KFSHRC Madinah achieves international ISO certification in facilities management

 Madinah: King Faisal Specialist Hospital and Research Centre (KFSHRC) in Madinah has been awarded the ISO 41001:2018 international certification for Facility Management, recognizing its efforts in implementing global best practices to enhance operational efficiency, achieve the highest standards of quality and sustainability, and provide an optimal work environment.

The certification is recognized as a leading benchmark in facilities management, providing a framework for institutions to improve resource management, reduce operational costs, and ensure a safe and environmentally friendly workplace. It also enhances patient and visitor experiences by delivering safe and healthy services, prioritizing patient comfort, and ensuring the quality of services provided.

The positive impacts extend to reinforcing environmental sustainability practices by improving energy and water efficiency and reducing environmental footprints. Additionally, it offers a robust framework for risk management and strategic planning to develop future facilities and services, further strengthening patients' and the community's confidence in the hospital's ability to provide advanced healthcare services that meet the highest standards of excellence.

KFSHRC Madinah houses 400 beds and serves the region and surrounding areas, specializing in paediatric and adult oncology, ophthalmology, and obstetrics and gynaecology. The hospital has also achieved 14 accreditations for training across various medical and nursing specialties.

It is noteworthy that KFSHRC has been ranked first in the Middle East and Africa and 20th globally in the list of the world’s top 250 Academic Medical Centres for the second consecutive year and recognised as the most valuable healthcare brand in the Kingdom and the Middle East, according to the 2024 Brand Finance rankings. Additionally, it was included in the World’s Best Smart Hospitals list for 2025 by Newsweek magazine.

For more information, visit www.kfshrc.edu.sa or contact our media team at [email protected]

source - https://www.zawya.com/en/press-release/companies-news/kfshrc-madinah-achieves-international-iso-certification-in-facilities-management-gb9nzunh

Impelsys Achieves ISO 13485:2016 Certification for Medical Device Quality Assurance

Impelsys earns ISO 13485:2016 certification, reinforcing its commitment to medical device quality assurance, safety, and innovative healthcare solutions.

This achievement is the result of a rigorous evaluation of Impelsys' quality management systems, assuring clients that our solutions meet the high standards of the medical device industry.”— Vinod Kumar TV, Chief Operating Officer (COO)NEW YORK CITY, NY, UNITED STATES, February 18, 2025 /EINPresswire.com/ -- Impelsys, a global leader in technology solutions, is delighted to announce certification for ISO 13485:2016. This international standard for quality management systems (QMS) ensures the safety and reliability of medical devices and related services. This milestone is a testament to Impelsys’ dedication to upholding the highest standards in medical device QA and developing safe, reliable, and innovative healthcare solutions.

“Securing this certification underscores our dedication to robust quality management,” said Vincent Emerald, Head of Quality Assurance. “This accomplishment reflects our team's tireless efforts to deliver solutions that meet the highest standards of quality and safety in the healthcare industry, ensuring better outcomes for patients and providers alike. This certification also enables us to offer comprehensive Verification & Validation (V&V) services for medical devices.”

Vinod Kumar TV, Chief Operating Officer (COO), added, “This achievement is the result of a rigorous evaluation of Impelsys' quality management systems, processes, and practices. The certification is an internationally recognized quality benchmark, assuring clients that Impelsys’ solutions meet the high standards of the medical device industry.”

Impelsys provides comprehensive digital solutions to healthcare and this certification further augments its repertoire of transformative solutions, which include Clinical Data Management Services, Healthcare Data Analytics, Application Development, and Learning and Content Solutions.

About Impelsys

Impelsys is a global technology leader specializing in helping organizations transform into digital-first, data-driven enterprises. Headquartered in New York, with innovation centers in Porto, Portugal, and Medellin, Colombia, and engineering hubs in Bangalore and Mangalore, India, Impelsys supports a growing global clientele.

source - https://www.wane.com/business/press-releases/ein-presswire/786946522/impelsys-achieves-iso-134852016-certification-for-medical-device-quality-assurance/

Singulr AI Launches to Help Enterprises Take Control of the AI Surge

 Startup secures $10M in Funding to Streamline and Secure Enterprise AI Use at Scale

February 18, 2025 08:00 AM Eastern Standard Time

PALO ALTO, Calif.--(BUSINESS WIRE)--Singulr AI launched today with the general availability of its enterprise AI governance and security platform, already deployed across companies in the technology, finance, and healthcare sectors. The startup also announced $10 million in seed financing led by Nexus Venture Partners and Dell Technologies Capital, with participation from leading industry executives.

“The Singulr team has a proven track record of taking on enterprise challenges at Arkin and VMware and are well-equipped to do so again.”

Post this

The enterprise AI surge is real. In live customer environments, Singulr consistently discovers 500+ unique AI services and models in use, with many of them redundant. Over three out of four employees use unapproved “Shadow AI” tools, often linked to personal accounts that expose enterprise IP. This dynamic threat will force organizations to balance rapid AI deployment against security risks and rising costs. Further, the rise of agentic AI increases complexity, making enterprise-grade governance essential for scaling AI operations.

Singulr helps customers get ahead and stay ahead of AI adoption with:

Continuous discovery of all AI-in-use, including homegrown LLM applications and agents, public AI services, and embedded AI in SaaS applications, along with deep contextual insights into application settings, user activity, and sensitive data exposure in prompts or uploaded files.

Rapid AI onboarding with automated risk scoring of AI services and models so that teams can quickly vet and approve new requests, unsanctioned use, or changes in models, dataset, or applications.

Continuous AI-powered protection using context-aware policies and enforcement that allows organizations to permit, restrict, warn, redact, and trigger security tickets and workflows.

Using a single platform, CIO and IT operations teams can rationalize their AI service inventory and reduce unnecessary spend, while CISO and risk teams can streamline the onboarding of safe AI use cases while implementing granular policies to prevent data leakage and shadow AI.

“Companies are experiencing explosive growth in AI adoption across employees, partners, and vendors – but this surge comes with mounting security risks and costs,” said Shiv Agarwal, CEO and Co-founder of Singulr. “Through our extensive market research, we recognized that the broad use of generative AI technology is a complex problem needing an enterprise-grade solution to scale and secure. We started Singulr to help enterprises rapidly adopt and operationalize powerful new AI technologies while managing costs and minimizing risk.”

Founders Shiv Agarwal and Abhijit Sharma, who previously built Arkin Net (acquired by VMware), reunited the team to build Singulr. In just one year, they have gone from a concept to a generally available solution that integrates seamlessly into enterprise environments without requiring infrastructure changes. Singulr is launching with SOC 2 and ISO 27001 compliance, ensuring enterprise-grade security and trust.

“AI is transforming business with a new technology stack, evolving usage patterns, and unprecedented risks—forcing companies to rethink how they do security and governance,” said Jishnu Bhattacharjee, Managing Director at Nexus Venture Partners. “The Singulr team has a proven track record of solving complex, enterprise-scale problems and is launching a proven solution that enables businesses to efficiently and safely harness AI’s potential. I’m excited to partner with Shiv and the team again as they establish Singulr as the category leader.”

“This is the year the enterprise moves from experimenting with AI to leveraging its potential for pivotal business challenges. However, this adoption brings complex operational and security challenges requiring a systems approach—from developer experience to endpoint defense,” said Raman Khanna, managing director at Dell Technologies Capital. “The Singulr team has a proven track record of taking on enterprise challenges at Arkin and VMware and are well-equipped to do so again.”

Companies interested in safe and cost-effective AI use can request a sample Instant AI Audit report or an AI Audit assessment at https://singulr.ai/sample-report.

About Singulr AI

Singulr AI is an enterprise AI governance and security platform that helps streamline and secure enterprise AI use at scale. Security, IT, and AI teams can now accelerate AI-driven innovation while reducing business risks and unnecessary costs from data leakage, shadow AI, and AI sprawl. For more information, visit https://www.singulr.ai.

source - https://www.businesswire.com/news/home/20250218711276/en/Singulr-AI-Launches-to-Help-Enterprises-Take-Control-of-the-AI-Surge

Pitney Bowes Named Top Company in Shipping Software Solutions for 2025 by Logistics Tech Outlook

 STAMFORD, Conn.--(BUSINESS WIRE)--Pitney Bowes (NYSE: PBI), a technology-driven company that provides SaaS shipping solutions, mailing innovation, and financial services to clients around the world—including more than 90 percent of the Fortune 500, today announced Pitney Bowes has been recognized as the Top Company in Shipping Software for 2025 by Logistics Tech Outlook, a leading enterprise technology magazine trusted by senior-level leaders and decision-makers in the logistics industry. This award highlights Pitney Bowes’ commitment to delivering cutting-edge shipping technology that empowers businesses to streamline their logistics operations.

“As businesses continue to face logistical challenges, our technology provides them with the flexibility and intelligence needed to make informed shipping decisions, optimize costs, and enhance overall efficiency.”

Post this

“Pitney Bowes has set a new benchmark in the shipping software industry by providing highly adaptable, secure, and data-driven solutions,” said Linda James, Managing Editor of Logistics Tech Outlook. “Their ability to continually innovate and address the evolving needs of businesses, from eCommerce retailers to large enterprises, made them a clear choice for this recognition.”

The award was determined by a panel of C-level executives, industry experts, and the editorial board at Logistics Tech Outlook, who evaluated companies based on innovation, reliability, customer impact, and industry leadership. Pitney Bowes emerged as the leader due to its advanced SaaS-based multicarrier shipping platform, which helps businesses navigate the complexities of modern shipping with efficiency and control.

“This recognition from Logistics Tech Outlook is a testament to our relentless focus on innovation and customer-centric solutions,” said Shemin Nurmohamed, EVP and President of SendTech at Pitney Bowes. “As businesses continue to face logistical challenges, our technology provides them with the flexibility and intelligence needed to make informed shipping decisions, optimize costs, and enhance overall efficiency.”

With security and compliance at the core of its platform, Pitney Bowes meets SOC2 and ISO 27001 certifications and is FedRAMP and StateRAMP authorized, ensuring businesses and government agencies can operate with confidence in an increasingly digital world. Its rule-based automation engine allows clients to define shipping priorities—whether speed, cost efficiency, or carrier volume commitments—delivering customized solutions tailored to diverse industries.

In addition to its recognition as a leader in shipping software, Pitney Bowes continues to expand its capabilities with innovations such as ShipAccel, a platform designed specifically for eCommerce businesses. This solution integrates seamlessly with major online marketplaces, streamlining order fulfillment, tracking, and returns for enhanced customer experiences.

Looking ahead, Pitney Bowes remains dedicated to driving the future of shipping technology. With plans to enhance international shipping capabilities and further refine its analytics-driven approach, the company is committed to equipping businesses with smart, scalable, and future-ready shipping solutions.

source - https://www.businesswire.com/news/home/20250219543193/en/Pitney-Bowes-Named-Top-Company-in-Shipping-Software-Solutions-for-2025-by-Logistics-Tech-Outlook

Performant Achieves CMMI MATURITY Level 3, Demonstrating Commitment to Excellence and Continuous Improvement

 PLANTATION, Fla.--(BUSINESS WIRE)--Performant Healthcare, Inc. (Nasdaq: PHLT) (the “Company” or “Performant Healthcare”), a leader in technology-enabled payment integrity, eligibility, and related analytics services, today announced that it has been successfully re-appraised at Level 3 of ISACA’s Capability Maturity Model Integration (CMMI)®. This achievement highlights the Company’s dedication to delivering consistent, high-quality solutions while driving operational excellence and continuous improvement.

“Achieving CMMI Level 3 is a testament to our team’s culture of continuous improvement and dedication to exceeding client expectations. We will continue to leverage these best practices to enhance our programs and deliver exceptional value to our partners.”

Post this

CMMI is a globally recognized framework that provides organizations with the essential elements for effective process improvement and operational excellence. An appraisal at CMMI Level 3 signifies that the organization operates at a “defined” maturity level, with processes that are well-characterized, well-documented, and consistently applied across the entire organization. The re-appraisal focused on the Medicare Secondary Payer (MSP) Commercial Repayment Center (CRC), one of Performant Healthcare’s most mature business units.

“This appraisal reflects Performant Healthcare’s unwavering commitment to operational excellence and our mission to provide innovative, efficient, and reliable solutions to our clients,” stated Michael Feid, SVP of Eligibility and Recovery Services at Performant Healthcare. “Achieving CMMI Level 3 is a testament to our team’s culture of continuous improvement and dedication to exceeding client expectations. We will continue to leverage these best practices to enhance our programs and deliver exceptional value to our partners.”

The Company’s appraisal underscores its proficiency in managing complex projects, fostering customer satisfaction, and achieving organizational objectives. By adhering to industry-leading standards, Performant Healthcare has shown that it can deliver consistent quality in its processes, which strengthens its position as a trusted partner in the healthcare payment integrity space.

Rohit Ramchandani, Chief Financial Officer, added, "We are pleased that our efforts to scale and enhance efficiency are being recognized through this CMMI certification appraisal, not to mention continuing to demonstrate this commitment while being focused on growth. This recognition is another testament to the progress we've made via strategic investments into technology and processes, reinforcing that these investments are yielding tangible benefits. We are excited to continue advancing efficiency efforts into all areas of Performant Healthcare through our technology and process improvement approach. As we continue to prioritize efficiency and scalability, we believe we are well-positioned to move toward achieving our longer-term objectives, including the ability to achieve a 20% adjusted EBITDA margin."

The December 2024 CMMI appraisal was conducted by iPower LLC.

ABOUT PERFORMANT

Performant supports healthcare payers in identifying, preventing, and recovering waste and improper payments by leveraging advanced technology, analytics and proprietary data assets. Performant works with leading national and regional healthcare payers to provide eligibility-based, also known as coordination-of-benefits (COB) services, as well as claims-based services, which includes the audit and identification of improperly paid claims. Performant is a leading provider of these services in both government and commercial healthcare markets. Performant also provides advanced reporting capabilities, support services, customer care, and stakeholder training programs designed to mitigate future instances of improper payments.

ABOUT CMMI INSTITUTE

ISACA® (www.isaca.org) is a global community advancing individuals and organizations in their pursuit of digital trust. For more than 50 years, ISACA has equipped individuals and enterprises with the knowledge, credentials, education, training and community to progress their careers, transform their organizations, and build a more trusted and ethical digital world. ISACA is a global professional association and learning organization that leverages the expertise of its 180,000+ members who work in digital trust fields such as information security, governance, assurance, risk, privacy, and quality. It has a presence in 188 countries, including 225+ chapters worldwide. Through the ISACA Foundation, ISACA supports IT education and career pathways for undersourced and underrepresented populations.

source - https://www.businesswire.com/news/home/20250213447188/en/Performant-Achieves-CMMI-MATURITY-Level-3-Demonstrating-Commitment-to-Excellence-and-Continuous-Improvement

ISO 37001: The Global Standard in Anti-Bribery Management

ISO 37001 is a global standard for organisations to establish, carry out, maintain and enhance their anti-bribery management systems.

An anti-bribery management system – according to the International Organisation for Standardisation (ISO) which published the standard in 2016 – is meant “to instil an anti-bribery culture within an organisation and implement appropriate controls, which will in turn increase the chance of detecting bribery and reduce its incidence in the first place.”

Whether implemented independently or within the overall management system, ISO 37001 can be applicable to organisations from the public, private and not-for-profit sectors in need of guidelines for measures and controls that ensure anti-bribery compliance internally and externally through third parties.

ISO 37001 provides a guideline for various forms of organisations to establish and strengthen their anti-bribery management systems. Image from https://www.iso.org/files/live/sites/isoorg/files/store/en/PUB100396.pdf

Malaysia adopted the standard as MS ISO 37001: 2016 Anti-Bribery Management System (ABMS) in 2016, and certified several government agencies and private companies under the standard through a pilot project the following year.

Since then, entities within the Malaysian Government, such as ministries, agencies and departments, as well as government-linked companies that are at high risk of bribery, are encouraged to utilise the standard to foster a culture of integrity and deter corruption.

In 2022, Sarawak began embarking on the ABMS implementation, with Unit Integriti dan Ombudsman Sarawak (UNIONS) being mandated as the secretariat for the State’s pilot project and six agencies from the Sarawak Government being selected for it.

These agencies are the Department of the Premier of Sarawak; Forest Department Sarawak; Jabatan Agama Islam Sarawak; Ministry of Tourism, Creative Industry and Performing Arts; Regional Corridor Development Authority; and Sarawak Forestry Corporation.

Two years later, they have been recognised for their endeavour at the 2024 edition of Majlis Amanat Perdana Integriti (MAP-i), in addition to having successfully completed the second stage of the audit of the standard, namely the compliance audit certified by SIRIM Berhad, Malaysia.

It is expected that anti-bribery measures undertaken through the pilot project can serve as a benchmark and guide for other ministries, agencies and departments in Sarawak to adopt similar initiatives in order to be more proactive in establishing regulations that are of higher quality and transparency.

Why ABMS?

Bribery – defined by Transparency International “as the offering, promising, giving, accepting or soliciting of an advantage as an inducement for an action which is illegal, unethical or a breach of trust” – continues to be a global challenge, with the World Bank estimating more than USD1 trillion spent on bribes annually.

It can lead to devastating consequences, such as political instability, increase in business expenses, and rise in poverty. Its impact can also be felt from as wide as the global trade, to as specific as an employee’s performance within an organisation.

Many governments around the world have been taking initiatives to tackle bribery not only through national laws but also international agreements like the United Nations Convention against Corruption (UNCAC).

Malaysia – a signatory of the UNCAC – categorises it as three of the four key offences stipulated in the Malaysian Anti-Corruption Act 2009 (MACC Act 2009) (Act 694), in particular:

SOURCE - https://www.rakansarawak.com/v3/2025/02/18/iso-37001-the-global-standard-in-anti-bribery-management/

Get Certified for ISO 42001 Certification in Bangalore

Obtaining ISO/IEC 42001 certification in Bangalore involves a structured approach to ensure your organization aligns with the international standards for Artificial Intelligence Management Systems (AIMS). Here's a comprehensive guide to assist you:

1. Understand ISO/IEC 42001 Standards:

Familiarization: Begin by thoroughly understanding the ISO/IEC 42001:2023 standard, which outlines the requirements for establishing, implementing, maintaining, and continually improving an AIMS within an organization.

pecb.com

2. Engage in Professional Training:

Training Programs: Enroll in certified training courses to gain in-depth knowledge of the standard. Organizations like Vinsys and InfosecTrain offer ISO/IEC 42001 Lead Auditor and Lead Implementer training programs, respectively, which are designed to equip professionals with the necessary skills to audit and implement AIMS effectively.

3. Implement the AIMS Framework:

System Development: Utilize the knowledge acquired from training to develop and implement an AIMS tailored to your organization's context. This involves establishing AI policies, conducting risk assessments, and ensuring ethical AI practices are in place.

4. Conduct Internal Audits:

Pre-assessment: Perform internal audits to evaluate the effectiveness of the implemented AIMS. This step helps identify areas for improvement and ensures readiness for external certification audits.

5. Select an Accredited Certification Body:

Certification Services: Choose a reputable and accredited certification body to conduct the external audit. TÜV SÜD offers ISO/IEC 42001 auditing and certification services, assisting organizations in establishing robust AIMS and ensuring responsible AI deployment.

6. Undergo the Certification Audit:

External Assessment: The selected certification body will perform a comprehensive audit to verify compliance with ISO/IEC 42001 standards. Successful completion of this audit results in the awarding of the certification.

7. Maintain and Continually Improve the AIMS:

Ongoing Enhancement: Post-certification, it's essential to continually monitor, review, and improve your AIMS to adapt to evolving AI technologies and regulatory requirements.

By following these steps and leveraging the resources available in Bangalore, your organization can achieve ISO/IEC 42001 certification, demonstrating a commitment to ethical and effective AI management practices.

How to get ISO 22301 Certification in Bangalore online

Obtaining ISO 22301 certification in Bangalore through online avenues involves several key steps to ensure your organization meets the international standards for Business Continuity Management Systems (BCMS). Here's a structured approach to guide you:

1. Understand ISO 22301 Requirements:

Familiarization: Begin by thoroughly understanding the ISO 22301 standard, which outlines the requirements for a BCMS. This knowledge is crucial for effective implementation.

2. Engage with Online Consultants:

Consultancy Services: Numerous firms offer online consultancy to assist organizations in Bangalore with ISO 22301 certification. For instance, Certvalue provides comprehensive services, including implementation guidance, training, documentation, and gap analysis. Similarly, GQS India offers consultancy tailored to both IT and non-IT companies, facilitating the entire certification process remotely.

3. Participate in Online Training Programs:

Training Courses: Equip your team with the necessary skills by enrolling in online training programs. Organizations like InfoSecTrain offer ISO 22301 Lead Auditor Certification Training, enabling participants to develop expertise in auditing BCMS. Additionally, Punyam Academy provides an online ISO 22301 Auditor Training Course, covering all essential aspects of the standard.

4. Develop and Implement the BCMS:

Documentation and Implementation: Utilize templates and guidance from your consultants to develop the necessary documentation. Implement the BCMS as per the standard's requirements, ensuring all processes are aligned with ISO 22301.

5. Conduct Internal Audits:

Assessment: Perform internal audits to evaluate the effectiveness of the implemented ISO 22301 BCMS. This step helps in identifying areas of improvement and ensures readiness for the external certification audit.

6. Select an Accredited Certification Body:

Certification Bodies: Choose an accredited body that offers ISO 22301 certification services online. URS India provides ISO 22301 certification in Bangalore and is recognized globally. Engaging with such bodies ensures that the certification process adheres to international standards.

7. Undergo the Certification Audit:

External Audit: The selected certification body will conduct a thorough audit of your BCMS to verify compliance with ISO 22301. This process can be facilitated online, depending on the certifying body's capabilities.

8. Maintain and Continually Improve the BCMS:

Ongoing Improvement: Post-certification, it's essential to continually monitor, review, and improve your BCMS to adapt to any changes in the organizational or external environment.

By following these steps and leveraging online resources, organizations in Bangalore can efficiently achieve ISO 22301 certification, thereby enhancing their resilience against disruptions.

Get Certified for ISO 27001 Certification in Bangalore

Achieving ISO/IEC 27001 certification in Bangalore is a strategic move to enhance your organization's information security management system (ISMS). Here's a structured approach to guide you through the process:

1. Understand ISO/IEC 27001 Standards:

Familiarization: Begin by comprehending the ISO/IEC 27001:2022 standard, which outlines the requirements for establishing, implementing, maintaining, and continually improving an ISMS.

2. Engage in Professional Training:

Training Programs: Enroll in certified training courses to gain in-depth knowledge of the standard. Organizations like Vinsys and InfosecTrain offer ISO/IEC 27001 Lead Auditor and Lead Implementer training programs, respectively, designed to equip professionals with the necessary skills to audit and implement ISMS effectively.

3. Implement the ISMS Framework:

System Development: Utilize the knowledge acquired from training to develop and implement an ISMS tailored to your organization's context. This involves establishing security policies, conducting risk assessments, and ensuring robust information security practices are in place.

4. Conduct Internal Audits:

Pre-assessment: Perform internal audits to evaluate the effectiveness of the implemented ISMS. This step helps identify areas for improvement and ensures readiness for external certification audits.

5. Select an Accredited Certification Body:

Certification Services: Choose a reputable and accredited certification body to conduct the external audit. TÜV SÜD offers ISO/IEC 27001 auditing and certification services, assisting organizations in establishing robust ISMS and ensuring compliance with international standards.

6. Undergo the Certification Audit:

External Assessment: The selected ISO certification body will perform a comprehensive audit to verify compliance with ISO/IEC 27001 standards. Successful completion of this audit results in the awarding of the certification.

7. Maintain and Continually Improve the ISMS:

Ongoing Enhancement: Post-certification, it's essential to continually monitor, review, and improve your ISMS to adapt to evolving security threats and regulatory requirements.

By following these steps and leveraging the resources available in Bangalore, your organization can achieve ISO/IEC 27001 certification, demonstrating a commitment to robust information security management practices.

How to Get ISO 27701 Certification for Information Technology Industry

ISO/IEC 27701 is an extension of ISO 27001, specifically designed for Privacy Information Management Systems (PIMS). IT companies handling personal data, cloud services, or user information should obtain this certification to comply with privacy regulations like GDPR, CCPA, and PDPB.

Step-by-Step Process to Get ISO 27701 Certification in IT Industry

1. Understand ISO 27701 & Its Relevance for IT

ISO 27701 extends ISO 27001 to include privacy information management.

IT companies managing PII (Personally Identifiable Information), cloud services, or customer databases need this certification.

Ensures compliance with global privacy laws like GDPR (EU), CCPA (California), PDPB (India), and LGPD (Brazil).

2. Perform a Gap Analysis Against ISO 27701

Identify gaps between current ISMS (ISO 27001) and ISO 27701 privacy requirements.

Review data collection, processing, storage, encryption, and user consent management.

Conduct risk assessment to identify vulnerabilities in handling personal data.

3. Implement a Privacy Information Management System (PIMS)

Develop Policies for PII Protection:

Define data collection, processing, sharing, and deletion policies.

Set data retention limits and implement a privacy-by-design approach.

Strengthen Access Controls:

Implement Role-Based Access Control (RBAC) and Multi-Factor Authentication (MFA).

Limit employee access to sensitive PII data.

Encrypt & Anonymize Personal Data:

Use end-to-end encryption and pseudonymization techniques.

Ensure secure data transmission & storage (cloud security & backup encryption).

Develop Incident Response & Breach Notification Plan:

Define a process for handling data breaches & notifying affected users.

Align with GDPR’s 72-hour breach reporting rule.

4. Train IT Employees on Privacy & Compliance

Conduct Privacy Awareness Training for employees handling PII.

Educate IT teams on privacy impact assessments (PIA), compliance, and secure coding practices.

Provide training on data subject rights (Right to Access, Erasure, Data Portability).

5. Conduct Internal Audit & Privacy Impact Assessment (PIA)

Perform an internal audit to verify compliance with ISO 27701.

Conduct a Privacy Impact Assessment (PIA) to evaluate how IT systems process user data.

Address non-conformities before moving to external certification.

6. Select an Accredited Certification Body

Choose an ISO 27701-accredited certification body such as:

TÜV SÜD

BSI (British Standards Institution)

Bureau Veritas

DNV

ISOQAR

Ensure they provide ISO 27701 certification for IT service providers.

7. Undergo the ISO 27701 Certification Audit

The certification body conducts a two-stage audit:

Stage 1 Audit: Review of documentation, privacy policies, and data protection mechanisms.

Stage 2 Audit: Assessment of PIMS implementation, risk management, and privacy compliance.

Upon successful completion, your IT company receives ISO 27701 certification.

8. Maintain & Continually Improve Privacy Compliance

Conduct regular internal audits to ensure ongoing compliance.

Update privacy policies as per new legal requirements & security risks.

Undergo annual surveillance audits to retain certification.

Benefits of ISO 27701 for IT Companies

✔️ Ensures GDPR, CCPA & Global Privacy Compliance

✔️ Enhances Data Protection & Cybersecurity

✔️ Increases Client Trust & Business Reputation

✔️ Minimizes Risks of Data Breaches & Fines

✔️ Competitive Edge in Privacy-Conscious Markets

By following this approach, IT organizations can achieve ISO 27701 certification, ensuring strong privacy controls, legal compliance, and customer trust. 🚀