BlackLine, Inc.has achieved ISO/IEC 27017:2015 certification
June 2021 by Marc Jacob
BlackLine, Inc.has achieved ISO/IEC 27017:2015 certification, demonstrating the company’s compliance with the internationally recognized standard for cloud security. The certification confirms the company adheres to the latest information security industry standards across its internal cloud services and also maintains and enforces robust and effective policies and procedures to ensure the security and privacy of the data managed by its flagship cloud platform.
ISO/IEC 27017:2015 is the latest in the internationally recognized ISO/IEC 27000 series of protocols that comprise information security standards published jointly by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) to provide best practice recommendations on information security management, risk mitigation and improved control environments within the context of an overall Information Security Management System (ISMS). In 2013, BlackLine was first in the cloud financial close automation category to achieve the original ISO/IEC 27001 certification, and first to successfully complete a SOC 2 (System and Organization Controls) Type 2 examination and 3rd-party audit.
With its ISO/IEC 27017 certification, BlackLine joins a small number of organizations that have gone beyond the requirements of ISO/IEC 27001 to also ensure its cloud security practices are best-of-breed. ISO/IEC 27017 expands on the ISO/IEC 27000 series of standards, providing guidelines for information security controls applicable to and specific to the secure provisioning and use of cloud services. Following a multi-audit certification process, the British Standards Institute (BSI), an accredited certifying body of ISO/IEC 27000 standards, determined that BlackLine’s ISMS conforms to the requirements for ISO/IEC 27017:2015 certification.