Saipher receives certificationISO 27001 and ISO 9001 recertification

Saipher achieved NBR ISO/IEC 27001:2022 certification, an international standard that establishes guidelines and requirements for information security management in organizations. This certification covers a set of controls and good practices that ensure the confidentiality, integrity and availability of sensitive information. The company also celebrates the recent obtaining of NBR ISO/IEC 9001:2015 recertification related to quality management, a seal maintained by the company since 2017.

Product Director Fred Boratto says the achievements reflect Saipher's ongoing commitment to excellence, safety and quality in all aspects of the company's products and services. "ISO 27001 certification is a significant milestone in our journey, demonstrating that our company meets the most rigorous information security standards. He considers that this not only strengthens our position in the market but also increases our customers' peace of mind and confidence". For the Director, ISO 9001:2015 recertification must also be celebrated. "After all, achieving it is already a challenge; maintaining it over time reveals the maturity of our team in absorbing and continually respecting all procedures," he analyzes.

Tatiana Cerqueira, responsible for the Quality sector at Saipher, highlights that the ISO 27001 standard requires strict controls and best practices to protect information. It significantly improves information security against threats, cyber attacks and information leaks. "The ISO 27001:2022 certification differentiates us in the market and improves our internal processes. Furthermore, complying with the General Data Protection Law (LGPD) is crucial. The participation of the areas was related to the scope of the certification, aimed at Software Development and Infrastructure, which also involves Project Management, Testing, DBA, Acquisitions, Human Resources and Technical Support. Still, the achievement belongs to everyone", he explains. She also mentions some of the positive impacts of certification. "In addition to the intrinsic aspects of security, it increases trust credibility and helps to comply with information security regulations and standards, resulting in an even safer and more reliable business relationship between the company and our customers," he considers.

Regarding the recertification process, Tatiana explains that ISO 9001:2015 defines standards and requirements to be met by the company so that its processes, procedures and quality management practices comply with the standard. "The moment we obtained it, it became part of our routine. Since then, we have continuously improved processes to guarantee the quality of the products and services offered. This year, we successfully went through recertification again", she celebrates.

In this context, the role of employees in achieving recertification is also highlighted by Tatiana. "Our team is always willing to learn and improve systems and processes, a result of Senior Management's commitment to supporting the quality management system and providing the necessary resources to maintain standard certification."

The company's actions to maintain the results achieved both in achieving ISO 27001:2022 and in recertification require awareness, commitment and continuous improvement of processes on the part of everyone. "This involves providing training on the guidelines and responsibilities of each employee, reviewing processes and procedures periodically, ensuring they are up to date and aligned with standards, as well as reinforcing the importance of risk management, identifying and evaluating risks that affect compliance and quality of products and services," he adds.

About ISOs 27001:2022 and 9001:2015:

Organizations from different sectors widely adopt ISO 27001 to ensure the security of their information assets and demonstrate their commitment to data and systems protection. It provides a structured framework for implementing security policies, processes and procedures, helping to mitigate cyber risks and improve an organization's security posture.

ISO 9000 implies that an organization has adopted a quality management system that follows internationally recognized standards, aiming to improve the quality of its products and services and increase customer satisfaction