Cultural Vistas is a staunch advocate for the data privacy of our clients, participants, and stakeholders. In 2021, we formally solidified the trust others put into our organization by achieving an ISO 27001 Information Security Certification.
ISO/IEC 27001:2013 is the international standard for best practices in Information Security Management Systems (ISMS). This standard requires rigorous business controls and management processes to ensure information security and business risks are identified, evaluated, and managed for the benefit and continuity of the business. Risks are comprehensively evaluated based on the impact on Confidentiality, Integrity, and Availability (CIA) of business and information assets.
Cultural Vistas is certified by an independent accredited certification body, DEKRA, that performed stage 1 and stage 2 audits on the business. The certification process measures the performance of security best practices and identifies opportunities to improve those practices.
International best-practice standards in place at Cultural Vistas include these and other areas:
· Information Security Policies
· Organization of Information Security
· Human Resource Security
· Asset Management
· Access Control
· Physical and Environmental Security
· Operations Security
· Communications Security
· System Acquisition, Development, and Maintenance
· Supplier Relations
· Information Security Incident Management
· Information Security Aspects of Business Continuity
In addition, Cultural Vistas is GDPR compliant and similarly aligned with provisions of the California Consumer Privacy Act (CCPA) in the following ways:
• Right to be forgotten/right to erasure
• Right to know about data usage
• Right to access personal data
• Right to opt-out
• Right to portability
With ongoing infrastructure investments, Cultural Vistas will be a trusted leader in data protection, privacy, and security. We look forward to leveraging this achievement to grow our relationships as trusted partners with clients and stakeholders.