SOC Compliance
The ISO 27001 certifies that we operated an Information Security Management System (ISMS). This means that we perform many activities to continuously analyze, assess, and improve our information security in the organization (similar to ISO 9001). However, the ISMS certification does not include details about the control framework, and wether we are compliant with it. During the ISAE-3402 assurance audit, the auditor checks in detail, by conducting interviews and collecting evidence, if our controls are effective. Based on these observations, the auditor provides a qualified opinion wether our security posture is effective or not.
The American Institute of Certified Public Accountants (AICPA) Service Organization Controls (SOC) reports give assurance over control environments related to data retrieval, storage, processing, and transfer. The reports cover IT General controls and controls around customer data availability, confidentiality, and security. The SOC 1 reports primarily examine controls relevant to customers’ financial reporting. Additional information can be found here.
The American Institute of Certified Public Accountants (AICPA) Service Organization Controls (SOC) reports give assurance over control environments related to data retrieval, storage, processing, and transfer. The reports cover IT General controls and controls around customer data availability, confidentiality, and security. The SOC 2 reports cover controls around customer data security, availability, and privacy. Additional information can be found here.
GDPR Compliance
The General Data Protection Regulation (GDPR) is a comprehensive data protection law that regulates the use of personal data of EU residents and provides individuals the right to exercise control over their data. We are committed to our customer’s success, including supporting them on their GDPR compliance journeys. Additional information can be found here.
ISO 27001
The Information Security Management System (ISMS) applies to control our entire business, premises, and resources that reside in our headquarters in Atlanta, Georgia, USA, and Flensburg, Germany. From a product perspective, it also includes N4 SaaS cloud solutions and the Carrier &
Vessel Solution (CVS) product portfolio consists of MACS3, MACS3 Connected, MACS3 API Services, Stowman, Stowman DS, Capstan, Bluetracker Reporting, and Bluetracker One, which we provide to our customers.
This Information Security Management System scope is aligned with the Statement of Applicability. (SOA Version 02, Date: November 16, 2022).
ISO 9001 Compliance
Navis Germany GmbH – Carrier and Vessel Solutions
ISO certification is a seal of approval from a third-party body that a company runs to one of the international standards developed and published by the International Organization for Standardization (ISO).
The ISO is an independent, non-governmental international organization that brings together experts to share knowledge and develop international standards that support innovation and provide solutions to global challenges.
