We firmly believe that our customers' data is their property and therefore we have taken extensive measures to ensure its integrity and protection. Our successful ISO 27001 certification is one of several measures we have taken to give our customers the assurance that their data is safe in our hands and that we have established controls and security measures to ensure its security.

ISO 27001

The management system of the Assessio Group, including Assessio Sweden, is certified. ISO 27001 is a standard that is fully focused on the security of business information and confidential data made available by clients. An ISO 27001 certificate proves that the security of business information is accurately described, implemented, and controlled. ISO 27001 is an internationally recognized certificate for information security.

Becoming ISO 27001 compliant means that Assessio has implemented a strict method of information security measures into an Information Security Management System (ISMS). It confirms that information security and confidentiality are key elements of the company's activities.

Learn more: Privacy Policy

Our security standard

Our ISMS ensures the highest possible security standards, which is maintained by Assessio's staff and supported by IT systems and processes throughout the organization. With Assessio Sweden being certified, you are assured that all business processes, systems and services are properly protected to ensure that your information and personal data are handled with confidentiality.

If you want more information about the work we have done to become ISO 27001 certified or if you have other questions, please contact:


Assessio platform achieves CSA STAR Level 1 certification  

Assessio Group’s platform has attained the CSA’s STAR Level 1 certification. Cloud Security Alliance (CSA) has a mission to promote best practices and education to help ensure a secure cloud computing environment. The CSA brings together a diverse community - from technology vendors to government agencies - to collaborate on cloud security challenges.  

The CSA’s Security, Trust, Assurance, and Risk (STAR) Program combines the controls and best practices laid out in information security standards (ISO/IEC 27001, for instance) with the CSA’s own CCM (Cloud Controls Matrix). CCM is CSA’s proprietary cybersecurity control framework that covers all aspects of cloud technology and creates one of the most comprehensive cloud security control sets. To attain the CSA STAR Level 1 certification, Assessio Platform submitted the Consensus Assessments Initiative Questionnaire (CAIQ) to document compliance with the CSA’s Cloud Controls Matrix (CCM). 

The Security, Trust, Assurance, and Risk (STAR) program also offers a publicly accessible registry that documents the security and privacy controls provided by popular cloud computing offerings. For Assessio platform it is available here

The benefits of a CSA STAR certification: 

A CSA STAR certification means the data we process is protected using a security framework designed specifically for cloud computing.  

  • The CSA STAR certification complements the ISO 27001 certification: the ISO 27001 certificate is used to externally communicate that Assessio Group has an active security program in place, which helps to identify, mitigate, and monitor information security risk to the scope of their management system. ​The CSA STAR certificate provides further reassurance to clients and business partners that the organization has established a base maturity level.  
  • Enhance trust, transparency, and confidence amongst current and potential clients: this includes the regulations, standards, and frameworks we adhere to. All in all, it helps demonstrate to the clients that our business is a mature security organization.
  • Reduces complexity: the Consensus Assessments Initiative Questionnaire (CAIQ) can be used as it is for multiple clients' needs and the link to the STAR Registry is publicly accessible. 
  • Helps gain competitive sales advantages: the certification helps Assessio Group to market ourselves directly to clients that need the type of assurance and transparency that the STAR Program offers.