Grant Thornton Cyprus has successfully achieved ISO/IEC 27001 certification, the internationally recognised standard for Information Security Management Systems (ISMS).
As noted in a relevant announcement, "This certification marks an important milestone for the firm, reinforcing its commitment to maintaining the highest standards of information security, data protection, and risk management across its operations. The certification is valid for three years, subject to annual surveillance audits to ensure ongoing compliance and continuous improvement."
ISO/IEC 27001 sets out a systematic approach to managing sensitive and confidential company information, covering people, processes, and technology. It requires organisations to identify and assess information security risks, implement appropriate controls, and establish a robust governance framework to safeguard data integrity, confidentiality, and availability.
"For Grant Thornton Cyprus, this achievement carries particular significance," the announceemnt continued, adding, "It represents the formal recognition of an approach to information security that is already embedded across the firm, further strengthening its commitment to strong governance and effective risk management."
Christos Makedonas, Partner and Digital Risk Services Leader at Grant Thornton Cyprus, commented, “Achieving ISO/IEC 27001 certification is a significant step for our firm. It reflects not only our commitment to safeguarding information, but also our broader approach to governance and risk management. As organisations face increasing regulatory expectations and cybersecurity threats, it is essential to move beyond theory and embed these principles into everyday operations. This certification allows us to demonstrate, in a tangible way, that we apply the same standards we advocate to our clients.”
"Grant Thornton Cyprus will continue to invest in its systems, processes, and people to ensure the ongoing effectiveness of its information security framework, while supporting clients in navigating an evolving risk and regulatory landscape," the announcement concluded.
