Compliance & Information Security
Information Security at Openclaims
Information security is vitally important to Openclaims. Therefore, Openclaims upholds the three tenets of information security generally known as the CIA principles: confidentiality, integrity and availability. To achieve our information security goals Openclaims has implemented an information security management system (ISMS) according to the ISO/IEC 27001 standard.
Openclaims systematically evaluates it’s security risks to minimize or treat the potential impact of threats and vulnerabilities. Openclaims has designed a collection of information security controls and other forms of risk treatment to address information security threats. The risk assessment is conducted periodically to ensure that the implemented controls meet requirements.
Third-party security certifications and assurance reports
ISO/IEC 27001 standard
Openclaims is certified to be compliant with the ISO/IEC 27001 standard since 2017.
ISAE 3402 style assurance report
Openclaims has obtained an ISAE 3402 style assurance report. The report has been prepared to provide information on controls used by Openclaims that are relevant for client organizations. The report meets the requirements of the International Standard on Assurance Engagements no. 3402 Type I adopted by the ‘’Nederlandse Orde van Register EDP Auditors’’ (NOREA, Dutch institute for IT auditors). All control objectives and control measures are established using the NOREA framework ‘’Algemene beheersing van IT-diensten’’ (General control of IT services).