ISO/IEC 27001

A Standard You Can Trust

View our Certificate of Registration

At Central 1, we take information security seriously. So seriously, in fact, that we were the first online banking service provider in Canada to achieve ISO/IEC 27001 certification.

Why does ISO/IEC 27001 certification matter?
More than a piece of paper, our ISO/IEC 27001 certificate of registration is your assurance that we follow the highest standards for collecting, processing and storing data (as specified by the International Organization for Standardization). ISO/IEC 27001 is an information security standard that is recognized internationally and followed by some of the world’s most significant organizations, including BlackBerry, the Federal Reserve Bank and World Bank.

More specifically, it means our Information Security Management System (ISMS) has been assessed by an objective third-party auditor and found to be appropriate for an organization of our size, scope and complexity. Equally important, it also means that our security measures are regularly reviewed to ensure ongoing compliance with the standard and continuous improvement.

Our security commitment
For years, Central 1 has gone to great lengths to protect the interests — and information — of partners, clients and members. Each and every employee at Central 1 goes through a rigorous screening as part of the master bonding process and our hiring procedures are carefully designed to ensure that only the best and brightest join our ranks.

Our ISO/IEC 27001 compliance also adds evidence that we’ve gone even further to ensure the confidentiality, integrity and availability of the information we hold.

The scope our ISMS program includes:

  • Information Handling
  • Document Control
  • Policies, Practices and Standards
  • Internal Audit
  • Statutory & Regulatory Compliance
  • Contractual Obligation Compliance
  • Security Incident Management
  • Management Reviews
  • Continuous Improvement
  • Risk Assessment
  • Risk Treatment
  • Asset Inventory
  • Information Classification
  • Security Testing
  • Training & Awareness
  • Communications
  • Strategic & Tactical Planning
  • Project Management

We employ a dedicated team to manage these measures, as well as Security and Privacy Officers to oversee the efficient and effective delivery of our Corporate Information Security and Privacy Programs.