ISO/IEC 27001 is an international standard jointly developed by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). It specifies requirements for establishing, implementing, maintaining, and continually improving an information security management system (ISMS).

For CMMS vendors that offer cloud-based solutions, compliance with ISO/IEC 27001 involves both the cloud infrastructure provider and the CMMS application itself. While cloud providers often maintain their own ISO/IEC 27001 certifications, CMMS vendors must also implement security controls within their applications to ensure the confidentiality, integrity, and availability of maintenance data. Organizations that deploy a CMMS on-premise are responsible for implementing their own information security controls.
