On Friday, June 29, AvePoint passed the International Organizations for Standardization’s (ISO) information security management system (ISMS) audit using the 27001:2013 framework!

ISO is an independent, non-governmental international organization with a membership of 161 national standard bodies. ISO is credited for publishing more than 2,100 international standards covering almost every industry from technology to food safety.

Our ISO certification for AvePoint, Inc. covers the management, operation and maintenance of the people and information assets, information systems and the associated processes that enable corporate operations as well as the development and deployment of products and services provided to customers and employees of AvePoint, Inc.

AvePoint builds on the foundation and discipline necessary to develop and support some of the leading privacy and security products in the world.  As part of our Privacy and Security Program we have implemented a governance structure through which we:

  • Engage senior management on data privacy and security issues
  • Align policies, procedures and technical controls to demonstrate our process and our commitment to our customers and users
  • Train each of our employees on all privacy and security expectations.

iso 27001

Furthermore, we have extended embedded privacy and security by design into our product life cycle processes. We have also implemented a program to manage third-party risk.

The implementation of such compliance-driven programs is not new to AvePoint, and we remain fully committed to approaching this initiative diligently with the utmost focus on securing and maintaining customer trust.

This certification illustrates the maturity and robustness of our on-premise software solutions and our SaaS-based AOS platform as we help 6 million Office 365 users manage and protect their Office 365 data across Exchange, SharePoint Online, OneDrive, Teams, Groups, Yammer, Skype For Business.

ISO certification is undoubtedly a huge milestone for the company. At the same time, it also represents a steadfast commitment to continually improving our information security and privacy programs. This is a great opportunity for AvePoint to say what we do, do what we say, and prove it.


Stay up-to-date with all the latest developments at AvePoint by subscribing to our blog.

Previous articleMetalogix Was Sold, Switch To A Better Solution Without Incurring Additional Licensing Costs
Next articleISO 27001 Compliance: How to Get Started
Dana S.
Dana Louise Simberkoff is the Chief Risk, Privacy and Information Security Officer at AvePoint. She is responsible for AvePoint’s privacy, data protection, and security programs. She manages a global team of subject matter experts that provide executive level consulting, research, and analytical support on current and upcoming industry trends, technology, standards, best practices, concepts, and solutions for risk management and compliance. Ms. Simberkoff is responsible for maintaining relationships with executive management and multiple constituencies both internal and external to the corporation, providing guidance on product direction, technology enhancements, customer challenges, and market opportunities. Ms. Simberkoff has led speaking sessions at data privacy and security events around the globe. She was featured in Forbes, writes a monthly column for CMSWire, and was highlighted in the CSO Online list of “12 Amazing Women in Security”. She is a current member of the Women Leading Privacy Advisory Board and a past member of the Education Advisory Board for the International Association of Privacy Professionals (IAPP). Ms. Simberkoff holds a BA from Dartmouth College and a JD from Suffolk University Law School. LinkedIn: www.linkedin.com/in/danalouisesimberkoff/en Twitter: http://www.twitter.com/danalouise