Avetta Achieves Four Major ISO Standards and the SOC 2 Type II Certifications

OREM, Utah, and HOUSTON—May 10, 2022—Avetta®, the leading provider of supply chain risk management (SCRM) software, today announced it has received ISO/IEC 27001:2013, ISO/IEC 27017:2015, ISO/IEC 27018:2019, ISO/IEC 27701:2019 and SOC 2 Type II certifications for its strict compliance to data security, confidentiality, and integrity standards. For today's businesses, ISO/IEC 27001:2013 and SOC 2 Type II compliance are recognized as the gold standards for security excellence.

These certifications demonstrate Avetta’s continuing best practices and deep commitment to information security within the organization and for its customers and confirm the ongoing efforts of Avetta to stand out among its competitors in achieving what matters most for its global customers of all sizes.

Following a multi-audit certification process, A-LIGN Compliance and Security, Inc., a third-party auditor and accredited certifying body accredited by the ANSI National Accreditation Board (ANAB) to perform certifications, determined that Avetta operates a Privacy Information Management System (PIMS) that conforms to the requirements of ISO/IEC 27701:2019, and that the implemented controls also extend to additional objectives included in ISO/IEC 27017:2015, ISO/IEC 27018:2019, ISO/IEC 27701:2019, established by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC).

Specifically, these certifications demonstrate Avetta’s excellence in preserving the confidentiality, integrity and availability of information via rigorous risk management procedures, systems and controls. With these certifications, Avetta joins an elite group of organizations that have added to the requirements of ISO/IEC 27001:2013 by also achieving the related ISO/IEC certifications related to its cloud application and processing environment, which ensure its security practices are best-of-breed.

"Our customers rely on Avetta to keep their confidential information secure, and we take that responsibility extremely seriously," said Mark Johnson, vice president of technology at Avetta. "These certifications are a testament to the work we've done to safeguard customer data and to help mitigate data security risks as a top priority for our organization."

A-LIGN also determined that Avetta meets the required technical controls and formalized IT Security policies and procedures required of SOC 2 Type II and ISO-27001 standards. Avetta has implemented several defense-in-depth security measures and countermeasures that help protect it from unauthorized access or compromise, and IT personnel were found to be conscientious and knowledgeable in best practices.

Compliance with this internationally recognized standard confirms that Avetta’s security management program is comprehensive and follows industry best practices. The company's commitment to information security at this level ensures that the security of data and information has been addressed, implemented and properly controlled in all areas of the organization as the standard requires.

# # #

About Avetta
The Avetta SaaS platform helps clients manage supply chain risk and their suppliers to become more qualified for jobs. For the hiring clients in our network, we offer the world’s largest supply chain risk management network to manage supplier safety, sustainability, worker competency and performance. We perform contractor prequalification and worker competency management across major industries, all over the globe, including construction, energy, facilities, high tech, manufacturing, mining and telecom.

For suppliers in our network, our audit and verification services help lower their safety incidents rate by 29%. As a result, nearly 50% of members find additional job opportunities within the first year of joining. In addition, our suppliers receive privileged access to the Avetta Marketplace, where dozens of partners offer special discounts for business services like insurance and work gear. Avetta serves 500+ enterprise companies and 125,000+ suppliers across 120+ countries.

Visit https://www.avetta.com/ for more information.