Safeheron Passes ISO 27001 Annual Audit, Maintaining Industry-Leading Security Standards

Safeheron is pleased to announce that it has successfully passed the ISO 27001 annual audit conducted by Det Norske Veritas (DNV), a highly regarded international classification authority. This achievement follows the company's successful preliminary audit in December 2021, and demonstrates Safeheron's commitment to maintaining industry-leading information security management standards and protection of customer information.

The ISO 27001 standard is a globally recognized benchmark for information security management systems (ISMS) and is issued by the International Organization for Standardization (ISO) in conjunction with the International Electrotechnical Commission (IEC). ISO 27001 is the most widely adopted certification standard in the field of information security and is renowned for its stringent requirements. Det Norske Veritas (DNV) is a leading assurance and risk management company that was founded in 1864. It is the first international third-party organization to be accredited by UKAS.

At Safeheron, we prioritize compliance with international standards and regularly work with renowned assurance and risk management experts to ensure that our information security practices are of the highest caliber. This not only allows us to provide our customers with high-quality products and services, but also enhances our reputation for reliability, building customer confidence in our company. By continuously striving for global compliance, we are able to maintain our best practices and further solidify our position as a dependable industry leader.

As the Web3 era brings about an influx of big data, enterprise information security management is facing increasing challenges and risks. At Safeheron, we prioritize information security as a self-custody security infrastructure for digital assets. With our leading technology and comprehensive governance control system, we are able to build a robust protection system for our customers' information security. Information security is a top priority for us at Safeheron, and we are committed to using our expertise to ensure the protection of our customers' sensitive data.

Safeheron has established a set of information management standards for its own operation and development that conform to international standards. Internal audits and management reviews are not a one-time event, but rather a year-long process of continuous optimization.

Internal Audit

The internal audit is an integral part of our efforts to continuously improve and strengthen our ISMS. Rather than simply meeting requirements, this process is designed to identify and address potential weaknesses to prevent security incidents from occurring. We place a high value on its importance in maintaining the highest standards of information security.

Safeheron has implemented a comprehensive internal auditing system in accordance with ISO 27001 and ISMS standards. An independent department within our organization conducts internal audits with an emphasis on transparency and fairness in order to enhance employee compliance and identify potential risks. Our internal audits have consistently identified and resolved any issues prior to external audits, and have been recognized by both ISO and SOC2 for their compliance and efficacy.

External Audit

In addition to internal audits, we also recognize the importance of external audits in our management review. This year, we cooperated with Deloitte to undergo SOC 2 Type 1 certification. The results of the audit will provide valuable insights as we review and improve our company's management practices. We place a high value on the feedback of our stakeholders and, with the professional guidance of Deloitte, we’ll continue to improve our ISMS in strict accordance with SOC 2 requirements. To ensure the suitability, adequacy, and efficacy of our ISMS, we seek out multiple leading authorities in order to eliminate the single-source risk associated with compliance certification.

Safeheron recognizes that monitoring and auditing must be ongoing for any compliance certification system to be effective. As a company committed to the discipline of "zero asset loss and zero leakage" in a security landscape that is constantly evolving, we are committed to adopting various compliance certifications in order to provide our users with the most regulated and reliable digital asset security custody services.