Utrecht, The Netherlands, December 6, 2022 — Cirrus proudly announces they have achieved ISO-27001:2013 certification for the hosting, development, maintenance and service of their e-assessment solution. Surpassing this high and demanding bar for cybersecurity positions Cirrus as a leader in exam security.
ISO 27001:2013 is an international security standard that governs best practices for how organisations manage their data. The International Organization for Standardization (ISO) is an independent organisation that sets global standards for security and safety. It outlines how companies should handle information security risks by creating an information security management system (ISMS). The standard is voluntary, but organisations that follow its guidelines can seek ISO 27001 certification.
The Cirrus SaaS e-assessment platform enables awarding bodies, higher education and professional testing organisations to create, deliver and mark online exams anytime, anywhere. “Information security has always been a top priority for us,” notes Cirrus CEO Vegard Sivertsen, “and it was a major motivation for us to hire Jeroen Habets as Chief Technology Officer (CTO) back in 2020. With his 20+ year experience in secure product development and SaaS, he was the perfect person to lead Cirrus’ push for further professionalisation and even better security practices during our rapid growth”.
“Information security has always been a top priority for us, and it was a major motivation for us to hire Jeroen Habets as Chief Technology Officer (CTO) back in 2020. With his 20+ year experience in secure product development and SaaS, he was the perfect person to lead Cirrus’ push for further professionalisation and even better security practices during our rapid growth”.
Vegard Sivertsen, Founder & CEO, Cirrus
“When we planned our approach to ISO certification, we made a conscious decision to review all our processes with an external consultant from the ground up, rather than filling in the dots in a standard ISO template”, explains Chief Information Security Officer (CISO) Jeroen Habets. “This allowed us to review our existing processes against a rigorous set of standards and formalise them. And more importantly, improve them where appropriate.
“It also helped to further embed an awareness of data security throughout our organisation without developing a ton of guidelines that once created, sit forgotten in a corner. We passed the demanding independent audit in September and we’re already seeing the results in our regular penetration tests, with zero significant vulnerabilities showing up.” Looking to the future, Jeroen Habets adds, “Adhering to this standard also ensures that we continuously improve and stay vigilant for any future data security threats.”
Adhering to this standard also ensures that we continuously improve and stay vigilant for any future data security threats.”
Jeroen Habets, CTO, Cirrus
Data security is especially important in the e-assessment industry because of the substantial amounts of private data processed, from test creators, markers and students. Moreover, it’s crucial to protect high-stakes exams from data breaches, where exam integrity is forfeited completely. Maintaining high-stakes exam integrity is critical to safeguarding the value of certifications and ensuring that test-takers receive the certifications they deserve.
Our customers benefit from the ISO certification as it efficiently satisfies their own audit and compliance requirements. Financial awarding bodies, universities and corporate testing organisations, etc. all need to comply with their own industry’s stringent security standards, not to mention data privacy regulations like GDPR in Europe and CCPA in California, USA, for instance. Cirrus’ ISO-27001:2013 certification will help put regulators’ minds at ease on that score – it certifies their e-assessment software has best-in-class data security.
About Cirrus Assessment
Cirrus Assessment is a SaaS company that has helped awarding bodies, higher education and professional testing organisations create, deliver and mark online exams since 2013. The Cirrus e-assessment platform combines powerful features with an intuitive interface to let users focus on what matters: helping test takers succeed. With excellent customer service and now even more robust security, they are a fast-growing e-assessment company based in Utrecht, The Netherlands.
