Keeping Information Safe in the Digital Age
IMD achieved ISO 27001 certification in 2021, providing a structured approach to protecting information. The certification manages risks related to the potential theft of data (confidentiality) as well as how information could be wrongfully manipulated (integrity), or even rendered inaccessible (availability).
This certification reduces customer audit needs and demonstrates to our clients and stakeholders that IMD takes information security seriously. ISO 27001 requires that IMD’s information security program is documented, communicated across the institution, and reviewed regularly by the Executive Committee. As part of this process, IMD employees became aware of five new policies that every employee must comply with for the protection of information at IMD: Information Security Policy, Access Control Policy, Acceptable Use of Information and IT Systems Policy, and Supplier Policy.