CIRQ (the Certification Institute for Research Quality), an International Standards Organization (ISO) audit and certification body that is a subsidiary of the Insights Association, has been accredited by the American National Standards Institute (ANSI)’s National Accreditation Board (ANAB) to issue ANAB-accredited ISO/IEC 27001:2022 certificates.
“This is a significant milestone for CIRQ and exciting news for our clients,” said Juliana Wood, Managing Director of CIRQ. “All companies certified to the previous standard – ISO 27001:2013 – must transition to the updated ISO 27001:2022 framework before September 2025. With this accreditation, CIRQ can assist all existing and new clients with the transition and keep their certifications current.”
ISO 27001 provides a framework for companies to manage their data security. It establishes requirements for information controls to manage people, processes, and technology. The standard covers the technological aspects of security as well as corporate security, physical security, etc., and relies on regular risk assessments that enable a company to consistently identify and treat security threats. ISO 27001 is accepted worldwide as an assurance that proper and continual measures have been taken to protect valuable company data.
The 2013 version of the ISO 27001 standard won’t be accepted for new certifications after Spring 2024. Companies considering an ISO 27001 certification are advised to consider the new version of the standard if their implementation work begins in Q4 2023 or after. CIRQ becomes one of a select few organizations accredited to audit and certify to the updated 27001 standard.
“We have relayed this news to our current clients and have already scheduled an audit to transition a leading market research agency to the updated 27001 standard,” Wood added.
“On behalf of the CIRQ Board of Directors, we could not be prouder of this achievement, led by Juliana,” said Travis Santa, CIRQ Board Chair. “The ability to certify clients to the new ISO 27001:2022 standard not only positions CIRQ to grow and establish itself as a leading certification body, but also serves as a testament to our unwavering commitment to excellence and dedication to client success.”
More About ISO 27001
ISO 27001 provides requirements for establishing, implementing, maintaining and continually improving an information security management system. The information security management system preserves the confidentiality, integrity and availability of information by applying a risk management process and gives confidence to interested parties that risks are adequately managed. It is important that the information security management system is integrated with the organization’s processes and overall management structure and that information security is considered in the design of processes, information systems, and controls. It is expected that an information security management system implementation will be scaled in accordance with the needs of the organization. This International Standard can be used by internal and external parties to assess the organization’s ability to meet information security requirements. ISO 27001 can be mapped to other information security schemes such as HITRUST, NIST and SOC 2. Compliance with the standard also enables a company to meet global security laws, such as the NIS Directive and the GDPR.