Published On: 07.04.2022Last Updated: 17.09.2025Categories: News

The information security management system (ISMS) of Secapp’s SaaS service has been ISO/IEC 27001 certified since January 2022

To obtain and maintain ISO 27001 certification, an organization must meet the requirements of the standard. These requirements include careful maintenance of the security management system, continuous improvement, and assessment of the organization’s security risks.

Applying for the ISO 27001 certification was a natural step for Secapp

Kari Aho, CEO of Secapp, says that taking care of the information security issues has been parallel since founding the company. “We have been building processes for a decade and we are constantly refining them. The ISO/IEC 27001:2013 certificate is a testimony to the high level of our operations and our desire to commit to continuous improvement. In addition, preparing for the first audit helped us to write the policies as systematic guidelines and practices. This helps guarantee in providing a secure service but also in other aspects like in onboarding new employees and thus accelerate our growth”, Aho concludes.

Secapp Oy was audited in October 2021 by HuldCertification Oy (renamed to Into Certification in 2025) and Secapp’s ISMS was granted the ISO/IEC 27001:2013 certificate in January 2022. The ISO/IEC 27001 standard certification is valid for three years at a time, including required annual surveillance audits and a full audit every three years.

The latest full audit was done in November-December 2024 by Into Certification Oy, for conformance with the updated ISO/IEC 27001:2022 standard. The scope of the certificate is Secapp SaaS Europe and Canada for critical communications and alerting platform and related support functions with the site Head Office, Jyväskylä, Finland. The current certificate is valid until 20.1.2028.

 

For more information, please contact:

Antti Hämäläinen (security@secapp.fi) or

Kari Aho, CEO (+358 50 406 3028, kari.aho@secapp.fi)

 

 

The information security management system (ISMS) of Secapp’s SaaS service has been ISO/IEC 27001 certified since January 2022

To obtain and maintain ISO 27001 certification, an organization must meet the requirements of the standard. These requirements include careful maintenance of the security management system, continuous improvement, and assessment of the organization’s security risks.

Applying for the ISO 27001 certification was a natural step for Secapp

Kari Aho, CEO of Secapp, says that taking care of the information security issues has been parallel since founding the company. “We have been building processes for a decade and we are constantly refining them. The ISO/IEC 27001:2013 certificate is a testimony to the high level of our operations and our desire to commit to continuous improvement. In addition, preparing for the first audit helped us to write the policies as systematic guidelines and practices. This helps guarantee in providing a secure service but also in other aspects like in onboarding new employees and thus accelerate our growth”, Aho concludes.

Secapp Oy was audited in October 2021 by HuldCertification Oy (renamed to Into Certification in 2025) and Secapp’s ISMS was granted the ISO/IEC 27001:2013 certificate in January 2022. The ISO/IEC 27001 standard certification is valid for three years at a time, including required annual surveillance audits and a full audit every three years.

The latest full audit was done in November-December 2024 by Into Certification Oy, for conformance with the updated ISO/IEC 27001:2022 standard. The scope of the certificate is Secapp SaaS Europe and Canada for critical communications and alerting platform and related support functions with the site Head Office, Jyväskylä, Finland. The current certificate is valid until 20.1.2028.

 

For more information, please contact:

Antti Hämäläinen (security@secapp.fi) or

Kari Aho, CEO (+358 50 406 3028, kari.aho@secapp.fi)