Information security
The confidentiality, integrity and availability of information are vital to your business operations and to our own success. PRé Sustainability B.V., the developer of SimaPro, is ISO/IEC 27001:2022 certified under certificate number ISC 123 for designing, building, and supporting a web-based platform for life cycle assessment and sustainability performance. Every year, we revise and improve our processes to comply with the requirements of this international standard. In short, you can trust that PRé complies with the highest standards regarding information security.
What is ISO 27001?
ISO 27001 is the international standard for information security. The standard was originally published in 2005, revised in 2013, and again most recently in 2022. ISO 27001 describes the requirements for setting up, implementing, maintaining, and continuously improving an Information Security Management System (ISMS). As per ISO 27001, the main goal of an ISMS is to protect three aspects of information:
- Confidentiality: Only authorized persons have the right to access information.
- Integrity: Only authorized persons can change the information.
- Availability: The information must be accessible to authorized persons whenever it is needed.
What does our certification mean in practice?
At PRé, we are committed to keeping your information secure. We have implemented processes to ensure that we maintain a constant focus on information security. Our dedicated process owners for ISO27001 controls, IT & Security Project Manager and management team work together to ensure that every aspect of information security is covered.
To help you feel confident that your information is safe with us, we ensure that everyone in our team is trained in information security and privacy, including GDPR. We conduct annual internal and external audits and perform relevant background checks for personnel handling sensitive information.
In addition to our standard procedures, we have a crisis team that developed a formal Business Continuity Plan, an Incident Response Plan, and a Change Management Process. We periodically test our tools to ensure data availability, integrity, and confidentiality, so you can be assured that your information is safe with us.
Frequently asked questions
If you have any other questions or concerns about information security at PRé, please get in touch.
What cloud platform is used and where are the servers located?
The SimaPro platform is hosted by MS Azure. Application and databases are hosted off-site, in Western Europe, and backups are created daily.
Does PRé comply with the GDPR legislation?
We treat all personal data in compliance with the General Data Protection Regulation (GDPR).