FileCloud Achieves ISO 9001 Certification, Sets Sights on ISO 27001

July 18, 2024

At FileCloud, our commitment to excellence and continuous improvement is a driving force behind everything we do. We’re proud to announce that this dedication has been recognized with the achievement of the ISO 9001 certification. This milestone marks a significant step forward in our journey towards delivering the highest quality of products and services to […]

At FileCloud, our commitment to excellence and continuous improvement is a driving force behind everything we do. We're proud to announce that this dedication has been recognized with the achievement of the ISO 9001 certification.

This milestone marks a significant step forward in our journey towards delivering the highest quality of products and services to customers.

Our ambitions don’t stop here though. We are also setting our sights on obtaining the ISO 27001 certification. This certification will further solidify our commitment to information security and privacy.

ISO 9001 Certification: FileCloud's Journey of Continuous Improvement

ISO 9001 is a globally recognized standard that specifies requirements for Quality Management Systems (QMS). Organizations use this standard to demonstrate their ability to provide quality products and services. Deliverables must consistently meet customer and regulatory requirements and enhance customer satisfaction through effective application of the QMS. The system must also include processes for continuous improvement.

When Patrich Salvacion, FileCloud’s Compliance Project Manager, joined the company, the initial goal was to achieve ISO 27001 certification, which focuses on information security management.

However, after careful consideration, our leadership team decided to prioritize ISO 9001 certification. By aligning and refining our processes to meet ISO 9001 standards, we could create a strong foundation for all our future quality and security initiatives.

ISO 9001 Certification Process

Our path to ISO 9001 certification was swift yet thorough, taking approximately two weeks from start to finish. Here’s how we did it:

ISO 9001 certification process undertaken by FileCloud, depicted as a flow graphic.

Preassessment (2 days)

We began with a comprehensive review of our documentation to ensure it aligned with the ISO 9001 requirements. This initial step was crucial in identifying areas that needed attention and setting the stage for a successful audit.

Stage 1 Audit (2 days)

Conducted remotely, this stage involved an active audit of our documentation. The auditors examined our existing processes and practices to ensure they met the necessary standards. Given our pre-existing emphasis on quality and continuous improvement, this stage went smoothly.

Stage 2 Audit

The final stage required us to demonstrate that our plans and processes for continuous quality improvement were not just detailed on paper but actively implemented across our operations.

Through detailed interviews with key leadership members, including Pat Salvacion; Ray Downes (FileCloud’s CEO), Anis Abdul (CTO), Radhakrishnan Sethuraman (SVP Technology Support), and Tomasz Formanski (Director of Software Development), we were able to describe how our commitment to maintaining high-quality standards influences our teams, methodologies, and work processes on a granular level.

The Audit Experience

Throughout this process, it became evident that FileCloud had already cultivated a culture deeply embedded with the principles of continuous improvement. Pat noted, "Everyone at FileCloud is always considering continuous improvement in the back of their heads."

Our existing processes and documentation for product quality were robust prior to pursuing ISO 9001 certification. Pat’s role as Compliance Project Manager was to guide FileCloud on a path to success; he organized our efforts, processes, and documentation into a cohesive and consistent program, serving as FileCloud’s navigator and representative throughout the certification preparation, application, and audit.

In February 2024, we were awarded the ISO 9001 certificate, marking a significant achievement for FileCloud.

ISO 9001 Certification badge (co-awarded by ISO and BSI, British Standards Institution); certification awarded to FileCloud in February 2024.

This certification is not a one-time event but a continuous journey. We will maintain the certification through annual surveillance audits conducted over the three-year cycle. Subsequently, we will undergo a comprehensive audit to renew our certification for another three years.

What Follows ISO 9001 Certification? ISO 27001

With the ISO 9001 certification under our belt, we are now gearing up for our next major milestone: the ISO 27001 certification. This certification focuses on Information Security Management Systems (ISMS) and is essential for demonstrating our commitment to managing and protecting our customers’ data.

What is ISO 27001?

ISO 27001 is an international standard that sets out the criteria for Information Security Management Systems (ISMS). It provides a framework for establishing, implementing, maintaining, and continually improving an ISMS. This includes a wide range of controls related to information security, cybersecurity, and privacy protection.

The ISO 27001 certification process will involve a more extensive audit compared to ISO 9001, particularly due to its technical nature. Here’s a glimpse of what to expect:

Stage 1 Audit (2 days)

Similar to the ISO 9001 process, the initial stage will involve a review of our documentation and policies related to information security.

Stage 2 Audit (11 days)

This stage will be more intensive, requiring us to demonstrate the effective implementation of our information security controls. Given the technical scope of this certification, leadership and engineering team members will provide detailed insights into FileCloud’s security practices and posture.

Building a Solid Foundation for Security

The decision to pursue ISO 27001 was strategic. This certification was chosen from a long list of possible certifications , because it provides a broad yet comprehensive information security  framework upon which FileCloud can build.

Achieving ISO 27001 will not only help us manage risks related to information security – it will also establish a solid foundation to pursue more complex cybersecurity regulations and certifications that address confidentiality, information integrity, and data availability.

"With ISO 27001 certification, we are establishing foundational elements to sustain our growth, embedding security across various facets of the organization, " Pat states. “We want to get this right from the very beginning.”

Attaining ISO 27001 certification will affirm that FileCloud has implemented best practices and principles to effectively manage risks associated with data security, ensuring our customers' trust and confidence.

Beyond ISO 9001 Certification — FileCloud's Long-term Vision

At FileCloud, we believe that certifications like ISO 9001 and ISO 27001 are more than just badges of honor. They are reflections of our core values and our promise to our customers.

As part of our long-term vision, FileCloud is working on a comprehensive resource outlining our cybersecurity posture. This resource will provide transparent and accessible information on all of our certifications. It will also detail ongoing efforts to protect our customers' data. We are excited about the journey ahead and look forward to sharing more milestones with you as we continue to grow and improve.

Interested in learning more about FileCloud? Our Quality Policy is available on our website. You can also check out our on-demand demo or register for a free trial!

By Katie Gerhardt

Jr. Product Marketing Manager