BOULDER, CO – October 12, 2022 – We are pleased to announce that Optera has received ISO 27001:2013 certification for our Information Security Management System (ISMS).
ISO 27001:2013 is an information security standard published by the International Organization for Standardization (ISO), the world’s largest developer of voluntary international standards, and the International Electrotechnical Commission (IEC).
A-LIGN, an independent, third-party auditor, found Optera to have technical controls in place and formalized IT Security policies and procedures. A-LIGN is an ISO / IEC 27001 certification body accredited by the ANSI National Accreditation Board (ANAB) to perform ISMS 27001 certifications. Optera has implemented several security measures and countermeasures that protect it from unauthorized access or compromise and IT personnel were found to be conscientious and knowledgeable in best practices.
Compliance with this internationally recognized standard confirms that Optera’s security management program is comprehensive and follows leading practices. The scope of our ISO/IEC 27001:2013 certification includes:
- Our corporate carbon and ESG management platform and other web-based software and services
- Our corporate website, opteraclimate.com, and other websites including subdomains and mobile versions
- All activities taken by Optera staff during development, management, and oversight of the platform, website, operations, and professional services.
We were pleased to collaborate with Flexential, a leading IT solutions provider, to guide us through the certification process.
“We take threats to the integrity and confidentiality of our clients’ data and information seriously,” shared Jason Denner, CEO of Optera. “This certification affirms the maturity of our cybersecurity and information security program, which we know is critical for many organizations seeking a software solution to ESG management.”
This certification demonstrates Optera’s continued commitment to information security at every level and ensures our clients that the security of their data and information has been addressed, implemented, and properly controlled in all areas of our organization.