NetApp engages an accredited certification body, Schellman & Company, on an annual basis to certify ongoing ISMS conformance with the ISO 27001 standard. Schellman has verified that in-scope NetApp products and services meet the physical, logical, process, and management controls defined by ISO 27001.
ISO 27001 compliance helps NetApp maintain an information security management system that manages risk and meets information security objectives with policies, procedures, and controls that maintain the confidentiality, integrity, and availability of information; helps meet legal, regulatory, statutory, and contractual obligations; and protects NetApp’s brand.
The broad global acceptance of the ISO 27001 standard makes NetApp’s certification a reliable indicator of the state of its information security management for in-scope services. Achievement of ISO 27001 certification provides valuable evidence to customers and partners by demonstrating our clear commitment and ability to meet the stringent security requirements of highly-regulated sectors such as finance and healthcare. ISO 27001 compliance also helps to assure the security of NetApp’s supply chain through vendor management policies, procedures, and controls that protect our assets.