Cultural Vistas’ ISO 27001 Information Security Certification

Cultural Vistas is a staunch advocate for the data privacy of our clients, participants, and stakeholders. In 2021, we formally solidified the trust others put into our organization by achieving an ISO 27001 Information Security Certification.


ISO 27001:2013 is the international standard for best practices in Information Security Management Systems (ISMS). This standard requires rigorous business controls and management processes to ensure information security and business risks are identified, evaluated, and managed for the benefit and continuity of the business. Risks are comprehensively evaluated based on the impact to Confidentiality, Integrity, and Availability (CIA) of business and information assets.

Cultural Vistas is certified by an independent accredited certification body, DEKRA, that performed stage 1 and stage 2 audits on the business. The certification process measures the performance of security best practices and identifies opportunities to improve those practices.

International best-practice standards in place at Cultural Vistas include these and other areas:
• Information security policies
• HR security
• Asset management
• Access control
• Environmental security
• Operations security
• Communication security
• Supplier relationships
• Incident management
• Business continuity

In addition, Cultural Vistas is GDPR compliant and similarly aligned with provisions of the California Consumer Privacy Act (CCPA) in the following ways:
• Right to be forgotten/right to erasure
• Right to know about data usage
• Right to access personal data
• Right to opt-out
• Right to portability

With ongoing infrastructure investments, Cultural Vistas will be a trusted leader in data protection, privacy, and security. We look forward to leveraging this achievement to grow our relationships as trusted partners with clients and stakeholders.