[Done] Commitment to ISO 27001 certification

Update

  • After working on the topic and figuring out the process and partners, we are now aiming for Stage 1 and Stage 2 in Q2/2024

Update 28.03.2024

  • We have a committed external Stage 1 audit of our ISO 27001:2022 compliant ISMS for first week of May.

Update 11.06.2024

  • An ISO 27001:2022 Stage 1 audit was conducted, raising six areas of concern. The final result was a recommendation to advance to the Stage 2 audit.
  • We have assessed the concerns, created a corrective action plan, and implemented mitigations.
  • Currently, we are preparing to schedule the annual internal audit and, subsequently, the ISO 27001:2022 Stage 2 audit.

Update 04.07.2024

  • The internal ISO 27001:2022 audit is scheduled for 22.07.2024 - 26.07.2024

Update 19.09.2024

  • An internal ISO 27001:2022 audit was conducted, raising 8 minor nonconformities and 4 areas of concern. The auditor suggests to mitigate and advance to stage 2 audit.
  • We have assessed the concerns, created corrective actions, and implemented mitigations.
  • The external ISO 27001:2022 Stage 2 Audit is scheduled for 30.09.2024 - 04.10.2024

Hi Harold, Any update on the ISO 27001:2022 audit?

A prospective client of ours has started asking questions regarding the vulnerability of our OS vendor ( @balena)

Harald (balena): Hi John,

We are approaching the final stage of our ISO 27001:2022 compliance audit, with the Stage 2 audit scheduled for the week of September 30th.

I’d like to better understand your need for the certificate and clarify what you mean by the ‘vulnerability of our OS vendor.’

To provide some initial context, I can inform you that the scope of the certification covers our entire organization and all team members but does not include all products we currently maintain. While balenaOS follows many of the processes and guardrails established by our ISMS, it is not fully covered by the certification. The scope of the certification is limited to balenaCloud.

Looking forward to discussing this further.

Harald (balena) set the status to Completed