KC obtains ISO/IEC 27001:2013 certification

KC announced today that it has been awarded International Organization for Standardization / International Electrotechnical Commission (ISO/IEC) 27001:2013 certification recognizing its commitment to providing customers with the highest level of information security management. ISO 27001 is a globally recognized standard mandating numerous controls for the establishment, maintenance, and certification of an Information Security Management System (ISMS). The standard ensures that organizations have established methodologies and a framework to business and IT processes to help identify, manage, and reduce risks to the security of information. KC’s ISMS specify a host of technical, administrative and physical controls designed to secure corporate, customer and employee information.  The scope of the ISO 27001 certification includes KC’s ISMS and the applications, systems, people, and processes that support KC’s corporate operations.

Throughout its assessment, KC successfully demonstrated a systematic and documented approach to protecting and managing sensitive company and government/customer information including Controlled Unclassified Information (CUI), financial information, intellectual property, employee and customer data, and information entrusted to it by third parties. The ISO 27001 certification extends to every level of KC’s organization, including its IT infrastructure stack, access control, asset management, human resources processes and application security.

“As a leading federal/DoD small business and cleared contractor, we are vigilant about the importance of protecting the confidentiality and integrity of our corporate and customer data,” said Todd Sodeman, VP Operations of KC.

“KC is committed to upholding the highest standards of security for the people, process and technology powering our services. Protecting customer data is of the utmost importance to us, and ISO 27001 is just the start,” said Karthik Balasubramanian, President/CEO of KC.