ISO 27001:2022
FSET holds active ISO/IEC 27001:2022 certification — the internationally recognised standard for Information Security Management Systems. Certification confirms that FSET systematically manages information security risks across its operations, with controls audited annually by an accredited third party.
OVERVIEW
Law enforcement agencies, healthcare providers, and municipal governments operate under strict regulatory obligations for data privacy, system availability, and security governance — and those obligations extend to the technology partners they work with.
FSET’s ISO 27001:2022 certification, compliance framework alignments, and published policies give clients documented, auditable evidence to satisfy their own procurement requirements and risk assessments.
For a police service managing sensitive investigative data, or a health authority responsible for personal health information under PHIPA, due diligence means verifying — not assuming — that your IT partner meets the same standard you’re held to.
KEY REQUIREMENTS
Information Security Policy
Maintain a documented information security policy approved by leadership, communicated to staff, and reviewed at planned intervals or following significant changes.
Risk Assessment & Treatment
Conduct information security risk assessments at planned intervals, identify risk owners, and apply risk treatment options aligned to organisational risk acceptance criteria.
Access Control
Implement and maintain access control policies ensuring information access is restricted based on business and security requirements, with access rights reviewed regularly.
Continuous Monitoring & Audit
Perform internal audits at planned intervals and conduct annual management reviews to evaluate ISMS performance and drive continual improvement.