We are delighted to share with you that with your help and support, UM has been awarded the ISO 27001:2013 (Information Security Management System) certification on September 11, 2020 with the scope of “Provision of Data Centre Services including Server Hosting Services and Facility Management Services”.

Over the past 12 months, ICTO, CMDO, HRS and other related units have been working together in order to get UM datacenter services ISO certified. The compliance audit was performed by the independent audit firm, DNV GL in late August 2020.

Throughout the implementation process, we built the ISMS framework, and enhanced information security protection mechanism. It included ensuring the service level of Datacenter Services and enhancing UM’s Data, information assets and resources with “Confidentiality”, “Integrity” and “Availability”.

The standard covers 14 domains with 114 detailed controls, which considers not only IT but encompasses the entire daily operations, including its people, processes and technology. It assures the robustness and quality of UM’s risk management processes to information security. Moreover, several online ISO 27001 awareness and professional trainings were conducted for related staff.

While the ISO 27001 certification is proof of compliance of datacenter services, this is just the beginning of a long journey for us to continue to enhance our ISMS capability, and reduce potential information security incidents. We aim to provide more reliable and secure Information Technology Services to all UM members.

Related Reference: