Docoon, a leading publisher of digital trust and dematerialization solutions, is proud to announce that it has obtained the highest level of security accreditation with the ISO 27001 standard. ISO 27001 certification demonstrates Docoon's ability to implement an effective Information Security Management System (ISMS) based on this international benchmark standard.
For the Docoon teams, this accreditation reinforces the commitment of all employees to delivering the highest level of security and service to the company's partners and customers. In this sense, it is the logical continuation of what lies at the heart of our DNA: the continuous improvement of processes for the benefit of customer satisfaction, and represents a further step towards Docoon's certification as a Partner Dematerialization Platform (PDP) as part of the electronic invoicing reform .
1. ISO 27001 certification : what is it all about?
Firstly, it should be noted that ISO 27001 certification is a prerequisite for becoming a Partner Dematerialization Platform. Docoon is also well advanced in migrating part of its data center to a SecNumCloud host, another essential technical requirement for becoming a PDP.
In concrete terms, ISO 27001 accreditation indicates that Docoon's ISMS has been audited by an external body and meets 114 control points/requirements of the standard. The ISMS is the security organization defined by security processes, policies, and tools that ensure the confidentiality, integrity, and availability of information. Of course, for the entire ecosystem in which we operate (customers, partners, suppliers), this is an additional guarantee of security. However, beyond the technical security requirements, the ISO 27001 standard also commits our entire organization to HR, legal, and contractual aspects. The standard will verify highly technical points about network architecture, but also concerns, for example, the access rights of an employee that must be removed when they leave the company.
2. ISO 27001: a process of continuous improvement
By obtaining ISO 27001 certification for its information security management system related to all internal information management processes, Docoon continues to commit to a process of continuous improvement —as we do under the ISO 9001 standard.
Obtained for a period of three years, the ISO 27001 standard requires us to conduct ongoing risk analysis with appropriate action plans. These measures will be audited annually by an independent body. This is why, for all Docoon employees, the ISO 27001 standard is a logical extension and complement to the annual renewal of the ISO 9001 standard. This point is confirmed by Alban GIROUX, CPO/CTO at Docoon: " During the audit conducted for ISO 27001 accreditation, the auditor noted the level of maturity of the entire company in terms of perception, attitude, and progress toward meeting the requirements of the standard. "
3. Meet market safety requirements
If obtaining ISO 27001 certification is one step closer to Docoon's approval as a future PDP *, it also responds to increasingly pressing market demands for information security. This is a significant trend that is accelerating, as confirmed by Alban GIROUX: "The people we meet have increasingly high security requirements—for example, with regard to the GDPR—and ISO 27001 is becoming a must for organizations that want to provide their customers and partners with solutions that guarantee the highest level of quality, security, and compliance. " For Docoon, the implementation of the ISO 27011 standard is, of course, a reassuring factor for customers, and also a marker of our identity for service providers who do not yet know us well.
Today, information system (IS) security requirements are driving the entire ecosystem toward a virtuous approach: companies expect their partners and suppliers to apply the same rigorous standards that they apply to the management of their own information systems. This represents real added value for the competitiveness of French companies and our economy.
* Since the publication of this article, Docoon has received its temporary registration as a Partner Dematerialization Platform from the French Public Finance Directorate under number 19.
