NEW YORK, Jan. 12, 2021 (GLOBE NEWSWIRE) -- LRN Corporation, a global ethics and compliance education and technology company, has achieved ISO/IEC 27001: 2013 certification, the only internationally recognized information security standard that is certifiable.



LRN provides hundreds of organizations, including some of the world’s largest corporations, with training in ethics and compliance and other functions via a vast SaaS-based technology platform that includes hundreds of courses and other products. As part of the process, clients and partners share significant amounts of data and information. To ensure that the information is guarded in alignment with the tightest standards, LRN pursued ISO/IEC 27001: 2013 standard implementation and certification.

“Considering the depth of our relationships with our partners, the emerging privacy-related regulations like GDPR and CCPA and the current environment in which many workplaces are highly distributed because of the pandemic, we’re taking steps to affirm that our partners’ data is as secure as possible and that our systems and people are held to the highest information security standards in industry,” said Pravin Baviskar, Leader of Information Security at LRN. “Pursuing ISO/IEC 27001 certification is one of the ways we reinforce that commitment.”

The certification scope includes technology (software development), network operations, corporate IT, client/partner support, information security, quality assurance, content production custom, content production library, people & culture and physical security & administration.

LRN pioneered the ethics and compliance space and is recognized globally for its thought leadership in the space. It recently won seven Telly Awards for several of its workplace education and training videos, including ones on sensitive workplace issues like sexual harassment prevention, reporting misconduct and data protection and privacy. LRN and its partners’ insights into ethics and compliance can be found in the firm’s highly ranked podcast, Principled.

About ISO/IEC 27001

ISO/IEC 27001:2013 is an international standard that helps organizations manage the security of their information assets. It provides a management framework for implementing an ISMS (information security management system) to ensure the confidentiality, integrity and availability of all corporate data (such as financial information, intellectual property, employee details or information managed by third parties). It was published in 2013 by the ISO (International Organization for Standardization) and IEC (International Electrotechnical Commission) and belongs to the ISO/IEC 27000 family of standards. Certification is achieved through an accredited certification body.

