Compliance frameworks followed by ConnectOS

Founded in 2018

ConnectOS recognises that the confidentiality, integrity and availability of information and data created, maintained and hosted by us are vital to the success of the business and privacy of our partners.

As a service provider/product, we understand the importance in providing clear information about our security practices, tools, resources and responsibilities within ConnectOS so that our customers can feel confident in choosing us as a trusted provider.

This Security Posture highlights high-level details about our steps to identify and mitigate risks, implement best practices, and continuously develop ways to improve.

Founded in 2018

Compliances (10)

Here are the compliance frameworks that ConnectOS follows which showcases our adherence to industry-standard security guidelines and practices.

ISO 9001:2015

Compliant

ISO 9001 is a globally recognized standard for quality management. It helps organizations of all sizes and sectors to improve their performance, meet customer expectations and demonstrate their commitment to quality. Its requirements define how to establish, implement, maintain, and continually improve a quality management system (QMS).

Implementing ISO 9001 means your organization has put in place effective processes and trained staff to deliver flawless products or services time after time.

ISO 27001 v2022

Compliant

The updated version of the ISO 27001 standard, reflecting the latest best practices and improvements in information security management.

SOC 2

Compliant

SOC2 Type 2 Certification

CPRA (formerly CCPA)

Compliant

The California Consumer Privacy Act provides data privacy rights to California residents, allowing them control over how their personal information is collected and used.

GDPR

Compliant

The General Data Protection Regulation, a comprehensive data protection law in the EU, governs how organizations must protect personal data and privacy.

UK GDPR

Compliant

UK General Data Protection Regulation (UK GDPR) is the UK’s data protection law post-Brexit. It ensures organizations comply with UK-specific data privacy requirements.

Australian DPA

Compliant

The Australian Privacy Principles (APPs) are a set of 13 legally binding principles under the Privacy Act 1988 (Cth) that govern how Australian organisations collect, use, disclose, store, and manage personal information. They establish a baseline privacy standard similar to global frameworks like GDPR, with a strong focus on transparency, consent, data security, and individuals’ rights to access and correct their information.

PCI DSS 4.0.1

Compliant

The PCI Data Security Standard (PCI DSS) is a global standard that provides a baseline of technical and operational requirements designated to protect payment data. PCI DSS v4.0 is the next evolution of the standard.

ISO 22301 v2019

Compliant

ISO 22301 provides requirements for implementing and managing a Business Continuity Management System (BCMS). It focuses on preparing organizations for disruptions by enabling them to continue delivering critical services during emergencies. The standard emphasizes risk assessment, recovery strategies, and communication plans, ensuring operational resilience and stakeholder confidence.

ISO 26000

Compliant

ISO 26000 is an international guidance standard that helps organizations operate in a socially responsible and ethical manner. It defines seven core subjects of social responsibility, including human rights, labor practices, fair operating practices, the environment, consumer issues, community involvement, and organizational governance. Unlike other ISO standards, ISO 26000 is not certifiable—it provides guidance rather than requirements. Its purpose is to help organizations integrate responsible behavior into their strategies, decisions, and daily operations. By following ISO 26000, organizations can build trust, maintain compliance with societal expectations, and demonstrate accountability to stakeholders.

Create your own Trust Center | Powered by