Security 

Bank Grade Security 

We protect M&A teams to the highest possible level with bank-grade security, encrypted backups and additional security measures such as two-factor authentication, complex passwords and controlled user-based permissions.

Two Factor Authentication (TFA)

All users are required to use two methods of logging into their Navima account: (i) a password and then (ii) a smartphone authenticator (Google, Microsoft, Duo Mobile, Authy).

Single Sign On (SSO)

Log in to Navima with your LinkedIn or GSuite account or SAML Active Directory (e.g., Okta, OneLogin, Azure) for extra security and ease of use.

Complex Passwords

When users are setting up their account, they must (by default) use a combination of letters, numbers and special characters for their password. Minimum password lengths are enforced as standard.

User-based Permissions

Each user has set permissions, defined by the account administrator, enabling relevant viewing or editor rights.

Audit Trail

Track user activity and generate audit trail reports, including who has viewed, downloaded, created, updated and deleted content and logged in to their account.

Automatic Account Lockout

When a user tries to log in to their Navima account and has been unsuccessful after 6 password attempts, their account will be locked for 1 hour.

Encryption in Transit & at Rest

Navima uses end-to-end encryption, with 256-bit SSL in transit and AES encryption at rest — the same level of encryption used by banks.

Automatic Log-off

You are logged out automatically each time you leave your portal.

Secure Data Centres

Navima uses UK-based (London) AWS (Amazon Web Services) S3 data centres, which are ISO27001, SAS70 & PCI certified. A choice of 8 AWS server locations plus geo-fencing (restrict platform logins to certain IP addresses) is possible at additional cost (contact us).


ISO Certified

Navima has certification for compliance with ISO 9001:2015 and ISO 27001:2017. These certifications are performed by UKAS-accredited independent third-party auditors, the British Assessment Bureau (the only UK government-backed body for ISO certification in the United Kingdom). Our compliance with these internationally recognised standards and code of practice is evidence of our commitment to information security at every level of our organisation and shows that the Navima security program is in accordance with industry-leading best practices.

SECURITY

ISO 27001

ISO 27001 is a security management standard that specifies security management best practices and comprehensive security controls following the ISO/IEC 27002 best practice guidance. The basis of this certification is the development and implementation of a rigorous security program, which includes the development and implementation of an Information Security Management System (ISMS) which defines how Navima perpetually manages security in a holistic, comprehensive manner. This widely recognised international security standard specifies that Navima does the following:

  • We systematically evaluate our information security risks, considering the impact of threats and vulnerabilities.
  • We design and implement a comprehensive suite of information security controls and other forms of risk management to address customer and architecture security risks.
  • We have an overarching management process to ensure that the information security controls meet our needs on an ongoing basis.
QUALITY MANAGEMENT

ISO 9001

ISO 9001 relates to a set of standards that helps organisations ensure they meet customer and other stakeholder needs within statutory and regulatory requirements related to a product or service. ISO 9001 is a standard that sets out the requirements for a quality management system. It helps businesses and organisations to be more efficient and improve customer satisfaction.

A quality management system is a way of defining how an organisation can meet the requirements of its customers and other stakeholders affected by its work. ISO 9001 is based on the idea of continual improvement.

SECURITY

Cyber Essentials Plus Certified

Cyber Essentials Plus is a UK Government-backed, industry-supported certification scheme introduced in the UK to help organizations demonstrate operational security against common cyber-attacks.


Navima's achievement of the Cyber Essentials Plus certification demonstrates our commitment to mitigate the risk from common Internet-based threats, within the context of the UK Government's 10 Steps to Cyber Security. It is backed by industry, including the Federation of Small Businesses, the Confederation of British Industry and a number of insurance organisations that offer incentives for businesses holding this certification.


Cyber Essentials sets out the necessary technical controls; the related assurance framework shows how the independent assurance process works for Cyber Essentials Plus certification through an annual external assessment conducted by an accredited assessor.

SECURITY

GDPR Compliant

At Navima we have implemented the following measures in respect of GDPR:

Transparent Information Uses

Navima provides customers with full control of their content, including access controls that allow administrators to grant or revoke access through the platform’s settings and permissions.

Visibility into Data Processing

Customers can access a copy of their data and know where it’s being processed. Customers can exercise these rights with audit logs and easy download of information. 

The Right to be Forgotten

Individuals have the right to ask for their personal data to be deleted. Customers will be in full control of their content, including deletion, permanent deletion and retrieval of data.

Data Portability and Data Management Tools

Organisations may access, import and export their data using import/export tools.

Data Residency

Data residency allows customers to choose the region where their data is hosted: UK (London) as standard, with a choice of other locations possible (contact us).

