Go back to Blog
Archive
xx min read
November 16, 2022

Aumni Announces ISO/IEC 27001 International Data Security Certification to Expand Offerings in Private Equity Markets Worldwide

share on

Security is at the heart of what we do at Aumni, which is why we continually seek new ways to strengthen our programs and integrate security measures throughout our processes. We are delighted to announce, having put our security protocols and programs to the test, we have received our latest accreditation -- the ISO/IEC 27001 certification. 

ISO/IEC 27001 is the international standard for information security with requirements for establishing, implementing, maintaining, and continually improving an information security management system (ISMS). ISO 27001’s rigorous standards address staffing, processes, and technology best practices that make information assets more secure. To be certified, a business must:

  • Methodically review the organization's information security risks, including threats, vulnerabilities, and potential impacts
  • Design and implement a coherent and comprehensive suite of information security controls and other forms of risk mitigation to confront risks
  • Retain a universal management process to ensure that the information security controls meet the organization's information security needs

Aumni meets or exceeds these internationally recognized standards. Receiving this certification attests to Aumni’s robust infrastructure, systems, tools, and processes that keep the data entrusted to us and the systems supporting our services confidential and highly available. 

The ISO 27001 certification comes on the heels of our SOC 2 Type II certification, which originated in the United States from the AICPA and American Institute of Certified Public Accountants. While it’s well known within the U.S., it's not an internationally accepted security standard, so having both certifications builds further trust in our security program. Now, our clients within the U.S. that participate in international investments and our clients in international locations all benefit from knowing their data is secure.  

Aumni’s Senior GRC Analyst, Craig Estep, said the following about our latest security program achievement: “Meeting such rigorous security standards is not commonplace for young companies like ours. Our security efforts to date point to our integrity and the importance of making security measures part of our process from the beginning instead of trying to retrofit secure solutions down the road as we grow. We had to meet 114 requirements for ISO 27001, and that is no small feat. We are thrilled to show our customers how we apply our ingenuity to our core business and keep their data secure.”

Our Commitment to Risk Mitigation   

This achievement marks an ongoing journey to protect the confidentiality, availability, and integrity of Aumni systems and data. Our sophisticated, certified security program reduces risk from threats and vulnerabilities through the implementation of policies such as: 

  • Product security initiatives 
  • Policy governance 
  • Security training
  • Change Management, including SDLC methodology
  • Data protection
  • Vulnerability Management
  • Asset Management
  • Incident Response
  • Business Continuity & Disaster Recovery
  • Logging and Monitoring
  • Vendor Security Management
  • Access Control

We remain committed to data confidentiality and customer trust. Annually, our policy requires independent third-party auditors to attest to whether we follow the security best practices enshrined in the SOC 2 Type II and ISO 27001:2013 frameworks. We won’t stop there; we will continue developing security measures above and beyond compliance requirements. 

To learn more about our security framework and download our Security Whitepaper, please visit our Trust page: https://www.aumni.fund/trust

©2023 JPMorgan Chase & Co. All rights reserved. JPMorgan Chase Bank, N.A. Member FDIC.

This material is not the product of J.P. Morgan’s Research Department. It is not a research report and is not intended as such. This material is provided for informational purposes only and is subject to change without notice. It is not intended as research, a recommendation, advice, offer or solicitation to buy or sell any financial product or service, or to be used in any way for evaluating the merits of participating in any transaction. Please consult your own advisors regarding legal, tax, accounting or any other aspects including suitability implications, for your particular circumstances or transactions. J.P. Morgan and its third-party suppliers disclaim any responsibility or liability whatsoever for the quality, fitness for a particular purpose, non-infringement, accuracy, currency or completeness of the information herein, and for any reliance on, or use of this material in any way. Any information or analysis in this material purporting to convey, summarize, or otherwise rely on data may be based on a sample or normalized set thereof. This material is provided on a confidential basis and may not be reproduced, redistributed or transmitted, in whole or in part, without the prior written consent of J.P. Morgan. Any unauthorized use is strictly prohibited. Any product names, company names and logos mentioned or included herein are trademarks or registered trademarks of their respective owners.

Aumni, Inc. (“Aumni”) is a wholly-owned subsidiary of JPMorgan Chase & Co. Access to the Aumni platform is subject to execution of an applicable platform agreement and order form and access will be granted by J.P. Morgan in its sole discretion. J.P. Morgan is the global brand name for JPMorgan Chase & Co. and its subsidiaries and affiliates worldwide. Aumni does not provide any accounting, regulatory, tax, insurance, investment, or legal advice. The recipient of any information provided by Aumni must make an independent assessment of any legal, credit, tax, insurance, regulatory and accounting issues with its own professional advisors in the context of its particular circumstances. Aumni is neither a broker-dealer nor a member of any exchanges or self-regulatory organizations.

383 Madison Ave, New York, NY 10017