Latest news with #27701
Observer
17-06-2025
- Business
- Observer
New personal data protection guidelines mandated for auditors
MUSCAT, JUNE 17 The Ministry of Transport, Communications and Information Technology (MoTCIT) has unveiled new standards and requirements for the accreditation of external personal data auditors in the Sultanate of Oman. The document, issued in April of 2025, aims to' establish clear standards for the accreditation of external auditors to ensure high-quality, ethical, and lawful data audit services in Oman.' 'In light of the increasing challenges of personal data protection in the digital age, the importance of ensuring private sector institutions' compliance with relevant laws and regulations grows,' the Ministry said in the document. This document provides the necessary technical and administrative standards for accrediting external auditors to ensure they possess the qualifications, methodology, and resources required to deliver high-quality and reliable audit services. This ensures their ability to conduct compliance audits for institutions (controllers and processors) to verify that personal data processing procedures are in accordance with the provisions of the Personal Data Protection Law and its executive regulations,' the Ministry added. In order to qualify as external auditors, companies must adhere to several administrative, security and compliance, and quality assurance requirements. In regards to administrative and technical standards, auditors are required to have an active commercial registration for no less than 12 months and possess the necessary licenses to operate in the Sultanate of Oman. In addition to holding essential certifications including ISO/IEC 27001 for Information Security Management and ISO/IEC 27701 for Privacy Information Management. Furthermore, external auditing companies must have a qualified technical team with practical experience and recognized certifications such as ISO 27000 Lead Auditor or CISA, and CIPP. In addition to previous auditing experience, with a demonstrated and credible track record in providing auditing services. Moreover, companies must maintain comprehensive documentation of procedures covering all audit phases (planning, execution, and reporting) in addition to a record retention policy of audit records, activities, results, and correspondence for no less than five years. Finally, the regulations require a minimum Omanisation rate of 30% within the technical teams of companies. In regards to security and compliance, the standard requires auditors to adhere to all laws and regulations related to personal data protection. Companies must also have comprehensive Data Protection and Confidentiality Policy, which outlines how data is managed and safeguarded against unauthorized access, modification, or disclosure Furthermore, companies must have the ability to conduct risk assessment audits and security gap assessments. They are also required to maintain an incident reporting policy, which clearly outlines the procedures for reporting any security incidents that occur during the audit process. Finally, auditors are required to implement defined standards to regularly assess performance and ensure adherence to the required quality levels .
Business Wire
28-05-2025
- Business
- Business Wire
Writer's AI Agent Platform Achieves ISO Certifications for Security, Privacy, and Responsible AI
SAN FRANCISCO--(BUSINESS WIRE)-- Writer, a leader in enterprise generative AI, today announced it has successfully achieved certifications for security, privacy, and responsible AI under ISO/IEC 27001, 27701, and 42001. The company is one of the first model developers to complete the full ISO trust triad, underscoring its industry-leading commitment to building agentic AI systems and enterprise-grade LLMs that are reliable, controllable, and transparent. As a trusted AI partner to hundreds of customers across the global 2000, Writer has grounded its cutting-edge AI innovation in responsible, secure, and ethical practices since its inception in 2020. With a focus on designing comprehensive agentic solutions for highly regulated industries, its platform and governance is informed by real-life enterprise needs and requirements. This independent third-party certification validates that trust is at the heart of Writer's approach. "From day one, Writer's commitment to developing trustworthy, human-centric AI for the enterprise has been a catalyst for creativity and innovation," said Writer CTO and Co-founder Waseem AlShikh. "From novel model training techniques to infrastructure for agent observability, we're defining new standards for reliability, transparency, and governance across the industry. As we push the frontier of agentic systems and LLMs that are purpose-built for real-world use cases, we believe shaping the future responsibly is a strategic imperative." The International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) provide widely recognized standards for quality in technology. ISO/IEC 42001 showcases Writer's proactive commitment to responsible development and use of AI systems, including: Safe, auditable agent operations through observability tools and governance controls like configurable session logs, role-based permissions, metrics, agent-tool protocols, approval workflows, and more Visibility into agent reasoning and output accuracy with built-in explainability through output source citations and agent chain-of-thought Highly accurate, reliable models and transparency into performance with technical reports available to customers Reliable, industry-leading model performance across retrieval, output accuracy, and benchmarking for real-world use cases ISO/IEC 27701 certifies that Writer upholds information privacy standards including: Commitment to not train on or improve models with customer data, or retain customer data longer than is needed to provide services Adherence to industry-recognized security standards and global privacy laws like GDPR, HIPAA, CCPA, PCI, and Data Privacy Framework ISO/IEC 27001 validates Writer's continued commitment to information security through: Enterprise-grade security infrastructure, like encryption of data in transit and at rest, isolated cloud environments, identity and access management, and risk mitigation like audit logs, backup and recovery testing End-to-end, managed platform deployment and AI lifecycle management, like cloud deployment options offering holistic support of GPU scaling and orchestration, 24/7 monitoring, threat detection, pen testing, and vulnerability management In addition to achieving these widely recognized certifications, Writer embraces a harmonized, global approach to compliance, providing its customers with transparency and control around their data, as well as the data that is used to develop and train the models used within Writer's platform. Writer's end-to-end architecture stack and fully managed deployment work together to reduce risk and complexity, enabling secure, scalable management of the entire AI lifecycle from model development to agent oversight. "Medisolv holds third party platforms to an extremely high bar across security, privacy, and compliance. One of the reasons we chose Writer was because of their deep commitment to transparency, from how they train their models and approach customer data to their secure deployment infrastructure,' said Erin Heilman, SVP of Regulatory Affairs & Advisory Services, Medisolv. The ISO/IEC 27001, 27701, and 42001 certifications were conducted by leading compliance assessor A-LIGN, a technology-enabled security and compliance partner trusted by more than 4,000 global organizations to help mitigate cybersecurity risks, and supported by Vanta's all-in-one trust management platform. "AI introduces new complexity across security, privacy and compliance, especially with the rise of agentic systems,' said Jeremy Epling, Chief Product Officer, Vanta. 'Vanta helps companies like Writer meet rigorous international standards and raise the bar for earning and maintaining trust in an age of evolving risk. It's rare to see an AI provider achieve the comprehensive roster of certifications Writer has earned, let alone at this pace.' Alongside these certifications, Writer has launched a new public-facing Trust Center for its customers' security and legal teams. It provides centralized access to security documentation, compliance certifications, and notably, model transparency artifacts like technical reports, bias audits, and benchmark results. Learn more about Writer's commitments to trust, security, and governance at About Writer Writer is where the world's leading enterprises orchestrate AI-powered work. With Writer's end-to-end platform, teams can build, activate, and supervise AI agents that are grounded in their company's data and fueled by Writer's enterprise-grade LLMs. From faster product launches to deeper financial research to better clinical trials, companies are quickly transforming their most important business processes for the AI era in partnership with Writer. Founded in 2020, Writer delivers unmatched ROI for hundreds of customers like Accenture, Intuit, Marriott, Uber, and Vanguard and is backed by investors including Premji Invest, Radical Ventures, ICONIQ Growth, Insight Partners, Balderton, B Capital, Salesforce Ventures, Adobe Ventures, Citi Ventures, IBM Ventures, and others. Learn more at
Yahoo
28-05-2025
- Business
- Yahoo
Writer's AI Agent Platform Achieves ISO Certifications for Security, Privacy, and Responsible AI
Enterprise AI leader becomes one of the first model developers to achieve the full ISO trust triad–ISO/IEC 27001, 27701, and 42001 SAN FRANCISCO, May 28, 2025--(BUSINESS WIRE)--Writer, a leader in enterprise generative AI, today announced it has successfully achieved certifications for security, privacy, and responsible AI under ISO/IEC 27001, 27701, and 42001. The company is one of the first model developers to complete the full ISO trust triad, underscoring its industry-leading commitment to building agentic AI systems and enterprise-grade LLMs that are reliable, controllable, and transparent. As a trusted AI partner to hundreds of customers across the global 2000, Writer has grounded its cutting-edge AI innovation in responsible, secure, and ethical practices since its inception in 2020. With a focus on designing comprehensive agentic solutions for highly regulated industries, its platform and governance is informed by real-life enterprise needs and requirements. This independent third-party certification validates that trust is at the heart of Writer's approach. "From day one, Writer's commitment to developing trustworthy, human-centric AI for the enterprise has been a catalyst for creativity and innovation," said Writer CTO and Co-founder Waseem AlShikh. "From novel model training techniques to infrastructure for agent observability, we're defining new standards for reliability, transparency, and governance across the industry. As we push the frontier of agentic systems and LLMs that are purpose-built for real-world use cases, we believe shaping the future responsibly is a strategic imperative." The International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) provide widely recognized standards for quality in technology. ISO/IEC 42001 showcases Writer's proactive commitment to responsible development and use of AI systems, including: Safe, auditable agent operations through observability tools and governance controls like configurable session logs, role-based permissions, metrics, agent-tool protocols, approval workflows, and more Visibility into agent reasoning and output accuracy with built-in explainability through output source citations and agent chain-of-thought Highly accurate, reliable models and transparency into performance with technical reports available to customers Reliable, industry-leading model performance across retrieval, output accuracy, and benchmarking for real-world use cases ISO/IEC 27701 certifies that Writer upholds information privacy standards including: Commitment to not train on or improve models with customer data, or retain customer data longer than is needed to provide services Adherence to industry-recognized security standards and global privacy laws like GDPR, HIPAA, CCPA, PCI, and Data Privacy Framework ISO/IEC 27001 validates Writer's continued commitment to information security through: Enterprise-grade security infrastructure, like encryption of data in transit and at rest, isolated cloud environments, identity and access management, and risk mitigation like audit logs, backup and recovery testing End-to-end, managed platform deployment and AI lifecycle management, like cloud deployment options offering holistic support of GPU scaling and orchestration, 24/7 monitoring, threat detection, pen testing, and vulnerability management In addition to achieving these widely recognized certifications, Writer embraces a harmonized, global approach to compliance, providing its customers with transparency and control around their data, as well as the data that is used to develop and train the models used within Writer's platform. Writer's end-to-end architecture stack and fully managed deployment work together to reduce risk and complexity, enabling secure, scalable management of the entire AI lifecycle from model development to agent oversight. "Medisolv holds third party platforms to an extremely high bar across security, privacy, and compliance. One of the reasons we chose Writer was because of their deep commitment to transparency, from how they train their models and approach customer data to their secure deployment infrastructure," said Erin Heilman, SVP of Regulatory Affairs & Advisory Services, Medisolv. The ISO/IEC 27001, 27701, and 42001 certifications were conducted by leading compliance assessor A-LIGN, a technology-enabled security and compliance partner trusted by more than 4,000 global organizations to help mitigate cybersecurity risks, and supported by Vanta's all-in-one trust management platform. "AI introduces new complexity across security, privacy and compliance, especially with the rise of agentic systems," said Jeremy Epling, Chief Product Officer, Vanta. "Vanta helps companies like Writer meet rigorous international standards and raise the bar for earning and maintaining trust in an age of evolving risk. It's rare to see an AI provider achieve the comprehensive roster of certifications Writer has earned, let alone at this pace." Alongside these certifications, Writer has launched a new public-facing Trust Center for its customers' security and legal teams. It provides centralized access to security documentation, compliance certifications, and notably, model transparency artifacts like technical reports, bias audits, and benchmark results. Learn more about Writer's commitments to trust, security, and governance at About Writer Writer is where the world's leading enterprises orchestrate AI-powered work. With Writer's end-to-end platform, teams can build, activate, and supervise AI agents that are grounded in their company's data and fueled by Writer's enterprise-grade LLMs. From faster product launches to deeper financial research to better clinical trials, companies are quickly transforming their most important business processes for the AI era in partnership with Writer. Founded in 2020, Writer delivers unmatched ROI for hundreds of customers like Accenture, Intuit, Marriott, Uber, and Vanguard and is backed by investors including Premji Invest, Radical Ventures, ICONIQ Growth, Insight Partners, Balderton, B Capital, Salesforce Ventures, Adobe Ventures, Citi Ventures, IBM Ventures, and others. Learn more at View source version on Contacts Media Contact: press@
Korea Herald
20-05-2025
- Automotive
- Korea Herald
STRADVISION Maintains ISO/IEC 27001 & 27701 Information Security Certifications for Five Consecutive Years
SEOUL, South Korea, May 20, 2025 /PRNewswire/ -- STRADVISION, a disruptive leader in AI-powered automotive perception software, announced today that it has successfully renewed its ISO/IEC 27001 and ISO/IEC 27701 certifications for the fifth consecutive year. This achievement reaffirms the company's robust information security and privacy management capabilities at a global standard. The certifications were issued by DNV, a globally recognized certification body, and are accredited by UKAS, the United Kingdom's national accreditation agency. This further reinforces STRADVISION's international credibility and reliability. ISO/IEC 27001 is an international standard for information security management systems (ISMS), designed to ensure the ongoing confidentiality, integrity, and availability of information. ISO/IEC 27701 extends this framework to personal data protection, assessing whether organizations have comprehensive privacy management systems in place to safeguard personal data in accordance with global standards. Since first obtaining the certifications in 2020, STRADVISION has continuously strengthened its internal security framework. The company has established a company-wide information protection policy, implemented structured risk assessment and response protocols, and conducted regular security training and audits. With the growing scale of collaborations with global OEMs and Tier 1 suppliers, STRADVISION has also proactively addressed rising demands around data confidentiality and algorithm protection. In 2024, the company successfully completed the transition to the latest ISO/IEC 27001:2022 standard. Trust and Security: Dual Pillars of a Future-Oriented Tech Company STRADVISION's SVNet powers autonomous driving and advanced driver-assistance systems (ADAS) by processing massive volumes of visual data from inside and outside vehicles in real time. As the sensitivity of such technology increases, so too does the importance of data security and privacy. These are directly linked to product reliability and customer trust. Maintaining ISO certifications is a testament not only to STRADVISION's technical expertise but also to its commitment to global accountability and trust. ISO/IEC 27001 and 27701 are not one-time achievements. These are rigorous international standards that require continuous full-cycle operational excellence from system implementation to auditing and ongoing improvement. Maintaining both certifications for five consecutive years reflects the company's deeply embedded culture of security and sustainable governance. "Being a technology leader today is not just about innovation in algorithms. It is also about our commitment to the highest standards of security and trust," said Boohyun Hwang, Head of Information Security at STRADVISION. "STRADVISION's continued ISO/IEC 27001 and 27701 certifications mark a key milestone in defining who we are as a future-oriented company that prioritizes global trust as much as technological excellence." For more information on STRADVISION and its cutting-edge technologies, please visit STRADVISION. About STRADVISION Founded in 2014, STRADVISION is an automotive industry pioneer in artificial intelligence-based vision perception technology for ADAS. The company is accelerating the advent of fully autonomous vehicles by making ADAS features available at a fraction of the market cost compared with competitors. STRADVISION's SVNet is being deployed on various vehicle models in partnership with OEMs; can power ADAS and autonomous vehicles worldwide; and is serviced by over 300 employees in Seoul, San Jose, Detroit, Tokyo, Shanghai, and Dusseldorf. STRADVISION has been honored with Frost & Sullivan's 2022 Global Technology Innovation Leadership Award, the Gold Award at the 2022 and 2021 AutoSens Awards for Best-in-Class Software for Perception Systems, and the 2020 Autonomous Vehicle Technology ACES Award in Autonomy (software category). In addition, STRADVISION and its software have achieved TISAX's AL3 standard for information security management, as well as being certified to the ISO 9001:2015 for Quality Management Systems and ISO 26262 for Automotive Functional Safety.
