ISO/IEC 27001:2013 is a security management standard that specifies security management best practices and comprehensive security controls. The basis of this certification is establishing, implementing, maintaining and continually improving an information security management system (ISMS). The ISMS defines how 24sessions constantly manages security in a holistic, comprehensive manner. This widely recognized international security standard specifies that 24sessions do the following:

• We systematically assess our information security risks, taking into account the impact of threats and vulnerabilities.

• We design and implement a comprehensive suite of information security controls and other forms of risk management to address customer and organizational security risks.

• We have an overarching management process to ensure that the information security controls meet our high standards on an ongoing basis.

24sessions has certification for compliance with ISO/IEC 27001:2013. The certification is performed by an independent third-party auditor. Our compliance with these internationally-recognized standards and code of practice is evidence of our commitment to information security at every level of our organization, and our security approach is in accordance with industry leading best practices.