SEATTLE, August 2, 2022 — Discuss, the leading purpose-built People Experience Platform for turning experiences into insights, is proud to announce it has once again earned certification of the ISO/IEC 27001:2013 standard for ISMS (Information Security Management Systems).
“Everyone at Discuss is committed to protecting the data and privacy of our users by safeguarding the information in our database,” said Discuss privacy and compliance officer Juan Porta. “Achieving this recertification is a reflection of our continuous investment in amazing people, robust processes, and a well-architected solution that delivers top-notch privacy and security features for our customers.”
Discuss achieved its initial certification in August 2019, which is verified on an annual basis by CIRQ’s independent audit to establish conformance and continuous improvement of its ISMS — meeting the highest standards for protecting personal data and customer information.
ISO 27001 provides an organizational framework for companies to manage their data security, establishing requirements for information controls that manage people, processes, and technology. Discuss’ ISO 27001 certification means that all customer, partner and client data is governed by an ISMS, a systematic approach to managing information to ensure that all data remains protected and confidential.
The scope of Discuss’ certification covers not only the software development process, but also the full-service and DIY market research delivery process, including data collection, processing, analysis, and supporting operational and corporate functions.
CIRQ (the Certification Institute for Research Quality) is a non-profit entity committed to providing timely, thorough and impartial assessments of its customers’ quality management or information security management systems in regard to certification to corresponding standards. CIRQ was established in compliance with all ISO requirements for certification bodies that provide auditing and certification services.
About ISO 27001
ISO 27001 provides requirements for establishing, implementing, maintaining and continually improving an information security management system. The information security management system preserves the confidentiality, integrity and availability of information by applying a risk management process and gives confidence to interested parties that risks are adequately managed. This International Standard can be used by internal and external parties to assess an organization’s ability to meet information security requirements. ISO 27001 can be mapped to other information security frameworks such as HITRUST CSF, NIST CSF and SOC 2. Compliance with the standard also enables a company to meet global security laws, such as the European Union and UK’s GDPR, California’s CCPA, Singapore’s PDPA, South Africa’s POPIA, Brazil’s LGPD, Canada’s PIPEDA, Australia’s OAIC, China’s PIPL, and more.
About Discuss
experiences into insights. Hundreds of thousands of Market Insights, CX and UX professionals trust Discuss to go beyond data points and bring in-depth insights to life across their organization in real-time, transforming customer relationships. With Discuss, hundreds of global brands and agencies such as Unilever, Target, Ipsos, KraftHeinz, HP, Ford, and Mastercard are making more informed strategic decisions faster than ever before. For more information, visit diomktgstg.wpengine.com.