14 Oct 2022

Suprema, a global pioneer in access control and biometrics, announced that Suprema has simultaneously renewed two important international standard certifications regarding information security management (ISO/IEC 27001) and privacy information management (ISO/IEC 27701).

Data protection certifications 

Suprema is recertified in compliance with ISO/IEC 27001 and ISO/IEC 27701, international standard certifications for information security management systems (ISMS) established by the International Organisation for Standardisation (ISO) and the International Electrotechnical Commission (IEC), the most authoritative organisations in the field of data protection.

After first acquiring the certifications in 2019, Suprema was able to re-acquire the certifications again in 2022 according to its renewal cycles. Through a process of annual follow-up evaluations, it has been verified once again that Suprema has continuously maintained data protection capabilities that meet high global standards.

ISO/IEC 27001 and ISO/IEC 27701

ISO/IEC 27701 specifies requirements and guides protecting private information at a level that complies with GDPR

ISO/IEC 27001 can be certified only when all requirements are satisfied according to 114 controls in 14 categories including information security policies, supplier relationships, and operations security.

ISO/IEC 27701 specifies requirements and guides protecting private information, such as conditions for data collection and processing, encryption, and de-identification of personally identifiable information at a level that complies with the GDPR (General Data Protection Regulation) of the European Union.

GDPR compliance

Suprema has enhanced its security policy at an enterprise-wide level, applying GDPR compliance to the company’s BioStar 2 software, access control hardware devices, website, and internal security regulations.

Suprema distributes guidelines to customers who have deployed Suprema products, to help them safely manage user's personal information, maintain an 'information security management system' at all times, and strengthen its ‘security incident response plan’ to establish stricter security policies.

Access control security solutions

Suprema is making continuous efforts to invest in information security and personal information protection at all stages from product design and development,” said Suprema Inc. CEO Hanchul Kim.

We will continue to maintain strong data protection capabilities that meet global standards and provide access control security solutions that customers can trust.”