ebpSource achieves ISO 27001 Information Security Standard

London, UK ... 17th May 2016
ebpSource is extremely pleased to announce that it has achieved ISO/IEC 27001 accreditation. The international industry standard for information security management systems (ISMS), ISO/IEC 27001 is a systematic approach for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an organisation's information security and risk mitigation.

ebpSource iso 27001 award
Co-founders, Ken McKay – CEO and Steve Wright - EVP, Commercial Operations attend a formal presentation to recognise the company’s ISO/IEC 27001 achievement, at the British Standards Institute (BSI), Milton Keynes, UK - April 2016.

For ebpSource, as a leading provider of e-billing and payment (EBP) solutions, achieving ISO/IEC 27001 status underlines the company’s strict information management policies and is an important competitive differentiator in a market increasingly concerned with data security.

Furthering market leadership position
With more than fifteen years' experience implementing complex environments for tier one financial services, payment processors, telecoms and utility billers, the protection of sensitive data has always been a top priority for ebpSource. The company’s information management policies and practices are central to the work undertaken for clients, which includes many of the world’s highest volume e-billing and payment applications.

“The decision to seek formal recognition for our internal ISMS processes was a project we undertook through consultation with key clients and with an eye to the future,” says Steve Wright, EVP of Commercial Operations at ebpSource. “Information security is a continually critical issue for our clients, most of whom are responsible for high volumes of sensitive customer information at a global level. At ebpSource we believe that ISO/IEC 27001, as an internationally recognised standard of best practices, will soon become a procurement mandate. That we are already there should greatly simplify the compliance requirements with new clients going forwards.”

Recognition of existing processes
While participation in the compliance programme was both complex and time-consuming – taking a total of some 7 months – it was mitigated by the fact that the company’s internal systems and processes were in most cases already operating at higher than the ISO/IEC 27001 standard.

Explains Jianbo Mao, ebpSource’s Chief Technology Officer, who headed the project: “During an initial independently-assessed audit our ISMS levels were found to be well in advance of ISO requirements. What took the time – and it was actually the only area we needed to upgrade to conform to the latest protocols - was in the documentation we disseminate internally, to our international partners, and to our clients.”

"... our ISMS levels were found to be well in advance of ISO requirements."

The fact that ebpSource was already ahead of the curve was no happy chance. Decades of implementing award-winning EBP systems for household name banks, major billers and outsourcers, across the Americas, Europe, Africa, Middle East, Eurasia, Far East, Australasia and in the Cloud meant that information security management was second nature.

Indeed the rapid migration of data into the Cloud has made cyber security more critical than ever - the expertise gained by ebpSource in this area has enabled it to advise clients on ISMS best practices as part of their overall electronic and IT governance strategies.

In conclusion, Wright adds: “We are proud to have invested deeply in ensuring that our own internal processes for information security management, across all customer touchpoints and projects are a match for those of our end clients and business partners.”

About ebpSource (www.ebpsource.com)
The most experienced team in the international e-billing and payment industry, ebpSource delivers software solutions, consultancy and support to global financial services, payment processors, telecoms, utility, postal and outsourced service providers. The team has unparalleled knowledge in the establishment of highly successful, multi-channel infrastructures and supports some of the largest, most prestigious and highest-adoption services of this kind worldwide.