Information security
Certified commitment to information security
Aivora is ISO/IEC 27001:2022 certified for its information security management system.
What this certification means
ISO/IEC 27001 is an international standard for information security management. In practice, it means working with a formal framework to identify risks, apply controls, review their effectiveness and improve continuously.
It is not about putting a nice badge on the website and carrying on as if nothing had happened. It is about having processes, responsibilities, evidence and reviews that make it possible to manage security with judgement, discipline and traceability.
Certification scope
Aivora’s certification covers the provision of implementation services for conversational artificial intelligence solutions for the automotive and mobility industry, through commercialisation and go-live for Aivora platform customers.
Standard
ISO/IEC 27001:2022
Certificate
CB-MS-2233
Current issue date
07/02/2026
Validity
Until 06/02/2029
How we apply it at Aivora
Access management
We apply least-privilege principles, segregation of duties, individual identities, access reviews and traceability for assignments, changes and revocations.
Secure cloud usage
We operate with a shared responsibility model and defined controls for cloud services, integrations, monitoring, backups and supplier management.
Encryption and information protection
We work with encryption in transit and at rest, secrets management, environment protection and specific measures for remote work and cloud operations.
Backup and recovery
We have a backup and recovery procedure with automation, retention, periodic testing and defined criteria for restoration in the event of an incident.
Vulnerability management
We identify, record, prioritise and remediate vulnerabilities through internal reviews, automated monitoring, external assessments and ongoing follow-up.
Risk management and continuous improvement
Our ISMS includes the identification, analysis, treatment and monitoring of risks and opportunities in order to strengthen security and improve continuously.
What this adds for our clients
This certification provides a solid foundation for working with Aivora on projects where information security is a relevant requirement. It facilitates evaluation by procurement, legal, IT and compliance teams, and strengthens confidence in the way we manage processes, access, information and services.
In other words: we take security seriously, we manage it methodically and, on top of that, we can prove it.
Frequently asked questions
What certification does Aivora have?
Aivora is ISO/IEC 27001:2022 certified for its information security management system.
What exactly does it cover?
It covers the provision of implementation services for conversational artificial intelligence solutions for the automotive and mobility industry, through commercialisation and go-live for Aivora platform customers.
Does the certification apply to a product or to the organisation?
It applies to the information security management system within the certified scope. In other words, it demonstrates how Aivora manages information security in the services and activities included within that scope.
Is it reviewed periodically?
Yes. The certificate is subject to periodic follow-up and has a defined validity period, so it requires ongoing maintenance and review.
Do you need the certificate or more compliance information?
You can download the certificate or contact our team to clarify any questions.