Eventilla Oy has achieved ISO 27001 certification – the first in Event Management in Finland

Eventilla’s information security management system has been awarded the international ISO/IEC 27001 certification. Eventilla is, to the best of our knowledge, the first Finnish software company specialising in event and training management to achieve this certification.

The certification makes visible and verified the information security work carried out at Eventilla over many years. In practice, it means that the company’s approach to managing information security – its internal practices, security policies and risk management – meets the requirements of the international standard, and this has been verified by an independent, external party.

“Trust is our most important IPR.”

What does the certification mean for customers?

At Eventilla, large volumes of personal data are continuously processed on behalf of customers. For many customers, the data they collect is not only their own – it belongs to their clients, members or trainees. Increasingly, these organisations must be able to demonstrate onwards that the data is in safe hands.

This is where the certification provides concrete value. When participants’ data is processed in Eventilla, it happens in a system whose information security management is independently ISO 27001 certified. The promise of data security is backed by external verification.

This is confirmed by Eventilla’s customer Professio, which organises over a thousand professional events, training programmes and qualifications each year for 25,000 participants:

“We organise over a thousand professional events, training programmes and qualifications each year, attended by 25,000 experts and decision-makers. Our customer base consists of large companies and public sector organisations, for whom information security and compliance are absolute prerequisites in procurement. The fact that Eventilla’s information security management has been officially audited gives us the backing to demonstrate to our customers that data is processed securely and in accordance with standards throughout the entire chain.”

An independent assessment

The certificate was issued by Into Certification, a subsidiary of Into Security Oy and a FINAS-accredited (S064) certification body. Eventilla specifically sought an assessment from an independent, accredited body – one that is also recognised internationally.

“The ISO/IEC 27001 certification process is a demanding undertaking that requires a company to take a systematic, documented and long-term approach to managing information security risks. In our impartial audit, we verified that Eventilla Oy’s information security management system meets the requirements of the standard and that the company has the capability to protect its information assets in a planned manner.”

What does the ISO 27001 certification cover?

The scope of the certification is Eventilla’s information security management system, which covers the development, operation and support of its cloud-based SaaS solutions, as well as the internal processes and systems supporting these services. ISO/IEC 27001 is an international standard for information security management systems; the certification confirms the conformity of the management system.