ISO Certifications
We hold ourselves to higher standards
SoftwareOne ISO Certifications
Technology aspirations without external validation are just wishful claims, which are not good enough for our customers. We deliver certified quality, information security, privacy, and environmental performance. To align our global product and services with the highest regional standards, our work is certified annually by TÜV Süd, and The American Institute of Certified Public Accountants (AICPA). Our current certificates are available for your review by country and language.
TÜV Süd
Founded in 1866, TÜV Süd is the world’s leading provider of technology certifications that reduce the impact of technological risks and protect people, assets, and the environment. Their 25,000 technologists define, develop, and certify compliance with standards enforced by the International Organisation for Standardization (ISO).
ISO 9001:2015 – Quality
Company-wide Subsidiaries A-L
|
Subsidiaries N-U |
ISO 14001:2015 – Environment
Company-wide Subsidiaries A-L |
Subsidiaries N-U |
ISO/IEC 27001:2013 – Information Security Management System
The Management of Information Security applies to all Information assets pertaining to operations and delivery of SAP, development and maintenance of Pyra Cloud and Goatpath Marketplace, implementation and maintenance of Managed Cloud and back up, Cloud Support, Security Operations Centre (SOC), Onpremise support, Help desk/onsite support services, Cloud transformation services, unified communication services, SLM Publisher Advisory, SLMAdvanced, SAMSimple services and the related support functions.
- SoftwareOne Group: English
- Brazil: English
- Bulgaria: English
- Colombia (Bogotá): English
- Colombia (Medelin): English
- Czech Republic: English
- India (Bangalore): English
- India (Chennai): English
- India (Gurugram): English
- Germany: English
- Malaysia: English
- Mexico: English
- Netherlands (Amsterdam): English
- Netherlands (Utrecht): English
- Philippines: English
- Poland: English
- Poland (Predica): English
- Romania: English
- Slovakia: English
- Spain: English
- Sweden: English
- Switzerland: English
- Turkey: Turkish/English
- United Kingdom: English
ISO 22301:2019, Security and resilience – Business Continuity Management Systems
ISO 22301 is an international standard for Business Continuity Management (BCM). It provides a framework for organizations to plan, establish, implement, operate, monitor, review, maintain, and continually improve a documented management system to protect against, reduce the likelihood of, and ensure the business recovers from disruptive incidents. Achieving ISO 22301 certification demonstrates SoftwareOne's commitment to maintaining operational resilience and effective response strategies.
- Turkey: Turkish/English
ISO/IEC 27017:2015 – Information Security Controls for Cloud Services
For Information Security Controls applicable to the all Information Assets pertaining to Managed Cloud Services (Supplying, Implementing and Maintenance) and Supporting Functions (Risk & Internal Audit, Human Resources, Administration/Facilities Function).
ISO 37001 – Anti-bribery management systems
Transparency and trust are the building blocks of any organization’s credibility. Nothing undermines effective institutions and equitable business more than bribery, which is why there’s ISO 37001.
It’s the International Standard that allows organizations of all types to prevent, detect and address bribery by adopting an anti-bribery policy, appointing a person to oversee anti-bribery compliance, training, risk assessments and due diligence on projects and business associates, implementing financial and commercial controls, and instituting reporting and investigation procedures (source: https://www.iso.org/iso-37001-anti-bribery-management.html).
- ISO 37001:2016 – Brazil: English
- ISO 37001:2016 – Turkey: Turkish/English
- ISO 37001:2017 – Brazil: Portuguese
SOC2 Type II report provided by AICPA
SOC2 Type II report provides an independent assessment of SoftwareONE’s security and privacy control environment. SOC2 Type 2 report covers the AICPA’s (The American Institute of Certified Public Accountants) Trust Services Principles and Criteria for Security, Availability, Confidentiality, and Privacy. The assessment is an independent opinion on the design and operational effectiveness of the same.
The SOC2 Type II report is available for SoftwareOne clients upon request.
SOC3 report provided by AICPA
SOC3 report is a generic report that is designed to meet the needs of users who need assurance about the controls at a service organization relevant to security, availability, processing integrity confidentiality, or privacy, but do not have the need for or the knowledge necessary to make effective use of a SOC2 report. The assessment is an independent opinion on the design and operational effectiveness of the same.
The SOC3 report is available here for SoftwareOne clients.