Do you communicate security issues/incidents with subcontracted services to customers?

Do you cover off security related issues/incidents in your contracts with your suppliers in relations to subcontracted services? Do you communicate these to customers? (Updates, Reporting)

Yotta maintain documented information, policies and standards to deliver exceptional levels of security and we operate a combined Quality and Information Security Management System (ISMS), aligned to the principles of ISO 9001 and ISO 27001. Copies of our ISO 9001:2008 and ISO 27001:2013 certificates can be been provided if required, which include scope statements and evidence our commitment to protect the confidentiality, integrity and availability of the information that we hold, create and distribute.

Yotta have made sure to select a Managed Service Provider, in Amazon Web Services (AWS), that can evidence their compliance with industry codes of practice and quality standards. As well as being ISO27001 certified ourselves, AWS is certified to a variety of standards for Information Security Management covering the infrastructure, data centres and services that would be used to deliver this contract, including:

  • ISO27001
  • ISO27018
  • AWS Service Organization Control

Copies of AWS’s ISO 27001:2013 and ISO 27018:2014 certificates can also be provided.