Compliant Security Standards

SOC 2®

SOC for Service Organizations: Trust Services Criteria (Reporting on Controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality, or Privacy)

These reports address controls relevant to security, availability, and processing integrity of the systems the service organization uses to process users’ data and the confidentiality and privacy of the information these systems process. They provide a level of detail sufficient to address the user’s vendor risk management needs and are restricted to specified parties with sufficient knowledge and understanding of the service organization’s system and the nature of services it provides.

ISO/IEC 27001:2022 - Information security, cybersecurity and privacy protection

Privacy and information security are priorities that CriticalArc takes extremely seriously.

Our unique continuous assurance approach is underpinned by our Information Security Management System (ISMS) which ensures:

  • Effective risk management resulting in continuous improvement
  • Organizational roles and responsibilities and segregation of duties
  • Strict data management and retention controls
  • Supplier scrutiny, and resilience of business systems and our SaaS products
  • Organizational awareness and effective physical security
  • Effective change management with regular audit and review cycles
  • Best-practice incident management

Our company and products are compliant and certified to a number of internationally recognized standards including:

ISO/IEC 27001:2022 – Information security, cybersecurity and privacy protection

ISO 27001 is an international standard that helps protect the confidentiality, integrity, and availability of information. By achieving conformity with ISO 27001, an organization demonstrates it has put in place a system to manage risks related to the security of data owned or handled by the organization, and that this system respects all the best practices and principles contained in the standard.

View the CriticalArc ISO 27001:2022 certificate.

Cyber Essentials

Cyber Essentials is an esteemed initiative supported by the UK government and industry experts, offering businesses an effective shield against the rising menace of cyber-attacks. It provides a comprehensive guide on the fundamental measures that organizations should implement to safeguard themselves. At CriticalArc, we prioritize cyber security and uphold its significance.

This program is the UK government’s proactive response to creating a safer online environment for organizations of all sizes and sectors. Developed and operated by the esteemed National Cyber Security Centre (NCSC), obtaining Cyber Essentials certification allows organizations to exhibit their credibility and robustness in terms of cyber security.

BS 8484

BS 8484 serves as the gold standard for the provision of lone worker safety services, and CriticalArc takes this matter very seriously.

With more and more individuals working across the UK, the risks they face in their social and environmental surroundings are on the rise. As a result, employers are actively seeking reliable lone-worker safety service providers who can offer their colleagues a dependable means to call for help in times of emergency.

Recognizing the undeniable significance of delivering a top-notch service, the security industry is committed to promoting best practices and establishing a benchmark against which providers of lone-worker security services can be evaluated.