CIRQ, an International Standards Organization (ISO) audit and certification body that is a subsidiary of the Insights Association, has awarded certification to Phoenix Marketing International (Phoenix MI) for compliance to the ISO 27001 Standard – Information technology – Security techniques – Information security management systems – Requirements. The certification has been verified by CIRQ partner PECB, globally recognized and accredited by IAS (International Accreditation Service). Accredited certification to ISO 27001 involves undertaking regular reviews and internal audits to ensure the continual improvement of the ISMS. Phoenix MI’s certification will be verified annually by CIRQ’s independent audit establishing continued compliance and protection of data.
ISO 27001 provides a framework for companies to manage their data security. It establishes requirements for information controls to manage people, processes and technology. The standard covers both the technological aspects of security as well as corporate security, physical security, etc., and relies on regular risk assessments enabling a company to consistently identify and treat security threats. ISO 27001 is accepted worldwide as an assurance that proper and continual measures have been taken to protect valuable company data.
The scope of Phoenix MI’s certification covers the management of Information Security for the processes necessary to deliver market research and consulting services to clients.
“We are committed to providing our clients with the highest level of information security and privacy, so we are incredibly pleased to be one of just a few market research companies that have been recognized by this global standard. Our clients can rest assured that their information is in the safe and secure hands of our expert teams,” said Allen R. DeCotiis, Ph.D., Chairman and CEO of Phoenix MI.
“While we already operated to many of the standard’s requirements, securing the ISO 27001 certification assures our clients that the work we produce is being executed with rigorous quality processes and security controls in place, demonstrating our commitment to information security,” added Scott Spry, Chief Operating Officer of Phoenix MI.
To achieve ISO certification, Phoenix MI engaged in an in-depth risk assessment, a comprehensive review of all information security policies and procedures, and internal audits. As a further step in the validation, the company’s information security management system was assessed via review of Phoenix MI’s documentation, practices, and controls.
About ISO 27001
ISO 27001 provides requirements for establishing, implementing, maintaining and continually improving an information security management system. The information security management system preserves the confidentiality, integrity and availability of information by applying a risk management process and gives confidence to interested parties that risks are adequately managed. It is important that the information security management system is integrated with the organization’s processes and overall management structure and that information security is considered in the design of processes, information systems, and controls. It is expected that an information security management system implementation will be scaled in accordance with the needs of the organization. This International Standard can be used by internal and external parties to assess the organization’s ability to meet information security requirements. ISO 27001 can be mapped to other information security schemes such as Hitrust, NIST and Soc2. Compliance with the standard also enables a company to meet global security laws, such as the NIS Directive and the GDPR.
A subsidiary of the Insights Association, CIRQ was established to provide auditing and certification services to market research firms seeking certification to ISO 20252, ISO 26362 and ISO 27001. CIRQ, a non-profit entity, is committed to providing timely, thorough, and impartial audits of its customers' quality management systems or information security management systems in order to make a determination regarding certification to corresponding standards. CIRQ has been established in compliance with all ISO requirements for certification bodies that provide auditing and certification services. To conform to its mandate of objective and impartial audits to these ISO standards, CIRQ is independently operated and managed under the oversight of an independent Board of Directors and submits to annual moderation by external authorities on ISO certification bodies. ISO 27001 audit and certifications are conducted in collaboration with the Professional Evaluation and Certification Board (PECB), an IAS-accredited certification entity and in accordance with the PECB auditing and certification procedures.
About Phoenix MI
Phoenix Marketing International is a full-service marketing insights firm providing insights to improve brand and communications, refine products and services, optimize customer experience, and measure ad and brand performance. Sectors include automotive, financial services, consumer packaged goods, healthcare, technology, media, restaurant, and travel and leisure. Founded in 1999, Phoenix MI employs over 350 people in New York, New Jersey, Massachusetts, Pennsylvania, North Carolina, California, Michigan, Florida, London and Shanghai. .