Friday, March 27, 2015
Vienna, VA – March 27, 2015 - AAC Inc., a leading provider of government information technology solutions delivery announced today that their Information Security Management System (ISMS) has been recommended with unconditional approval for continued registration and transition to the new ISO/IEC 27001:2013 standard. This means that AAC has been independently verified and awarded the only internationally recognized and most prestigious information security standard available.
An ISMS is a systematic approach to managing sensitive company and customer information at the highest level so that it remains secure. It includes people, processes, and IT systems by applying a risk management framework. AAC was initially certified to the ISO/IEC 27001:2005 standard, before the 2013 version was released. ISO/IEC 27001:2013 is the first revision to the ISO 27001 international standard and provides a more flexible, agile, streamlined approach, which leads to a more effective risk management. Implementing the 2013 version ensures that AAC’s ISMS is compliant with the latest best practices, security controls, and industry standards and is able to deal with today’s risks, including identity theft, risks related to mobile devices and other online vulnerabilities.
"Ensuring confidentiality, integrity, and availability of information is a top priority for us," said Ugur Koser, AAC’s Vice President of Information Systems. “We believe that proactive measures such as implementing ISO 27001 compliant policies, procedures, and activities help to avoid potential consequences if information is not handled properly. AAC's ISMS also ensures that data is managed and stored securely so that our partners, customers, and employees can have complete confidence in the safety of the information they share with us.”
The surveillance and transition audit was performed by the third-party certification body SRI Quality System Registrar. SRI is an internationally accredited registrar for management system standards. Based on the audit investigation, AAC demonstrated the capability to implement and maintain an effective ISMS System, to meet its objectives, and remains in conformance with the ISMS requirements.