At Gorilla we are committed to building a best-of-breed data processing platform with solutions for pricing, forecasting and reporting. We continuously challenge ourselves to improve the quality of our offering and the services provided. Ever since the start of Gorilla, we invested heavily in keeping all of our customer, supplier and employee data secure. That’s why we are proud to announce that this continuous effort has been acknowledged by our ISO/IEC27001-2013 certification.

At Gorilla we are committed to building a best-of-breed data processing platform with solutions for pricing, forecasting and reporting. We continuously challenge ourselves to improve the quality of our offering and the services provided. Ever since the start of Gorilla, we invested heavily in keeping all of our customer, supplier and employee data secure. That’s why we are proud to announce that this continuous effort has been acknowledged by our ISO/IEC27001-2013 certification.

To achieve this certification, we went through a thorough third-party evaluation that focused on our quality management procedures, documentation review, and overall business and engineering processes assessment. The ISO certifications ensures that we have solid, clearly defined procedures in place across all areas.

ABOUT ISO/IEC STANDARDS

The ISO/IEC27001-2013 standard is a globally recognised information security standard developed and maintained by the International Organisation for Standardisation (ISO) together with the International Electromechanical Commission (IEC).

ISO is an independent, non-governmental organisation that develops “voluntary, consensus-based, market-relevant International Standards that support innovation and provide solutions to global challenges”, while the IEC is the world’s leading organisation that prepares and publishes International Standards for all electrical, electronic and related technologies.

ISO 27001 identifies requirements and specifications for a comprehensive Information Security Management System (ISMS), defining how an organisation should manage and treat customer, employee and supplier data more securely and assess and treat information security risks. It was first published in 2005 but received a significant update with stricter norms in 2013, hence the addition to the name.

‍