Select Page

SupplyShift Ascends to Data Security Excellence with ISO27001:2022 Certification

Nov 21, 2023 | News, Press Release

SANTA CRUZ, November 21, 2023 – In a notable achievement for data security within the supply chain sustainability sector, SupplyShift has proudly secured the ISO27001:2022 Certification. As of November 16th, SupplyShift stands out with its third-party endorsed, state-of-the-art data protection protocols, fortifying the confidence that partners have long placed in its services.

The ISO27001 certification is globally acknowledged as a gold standard for information security management. SupplyShift’s achievement of this certification is not merely a reflection of compliance but a testament to its rigorous protection of sensitive data through an Information Security Management System (ISMS) plan that meets the highest international benchmarks. Updated in 2022, the latest ISO27001 framework demands a continuous and systematic approach to managing and mitigating security risks, ensuring an unparalleled level of data protection.

GRSee Consulting, based in Sunnyvale, CA, served as the Internal Auditor for SupplyShift’s requirements to achieve ISO27001:2022 Certification. A comprehensive, two-stage external audit was conducted by The British Assessment Bureau, Ltd., the leading ISO Certification body and training provider with UKAS accreditation.

We are now the only company in our industry that has achieved both SOC 2 Type II Reporting Compliance and ISO27001:2022 Certification,” said Alex Gershenson, CEO of SupplyShift. “This dual recognition demonstrates our unwavering commitment to safeguarding the data of our company and customers with the utmost integrity and confidentiality.

Leveraging Drata’s advanced compliance management platform, SupplyShift further cements its pledge to maintain a dynamic and robust security infrastructure. Drata’s technology enables SupplyShift to monitor, manage, and continually enhance its security protocols.

The ISO27001:2022 Certification distinguishes SupplyShift as a leader in data security, setting a standard for diligence and trustworthiness in handling sensitive information. Both current and potential customers can rest assured that their data is under the protection of SupplyShift’s robust, internationally recognized security practices.

Interested parties may request a copy of the ISO27001:2022 Report or the SOC 2 Type II Report via a written request subject to a Non-Disclosure Agreement (NDA).

About SupplyShift

SupplyShift is a leading provider of supply chain sustainability and responsible sourcing solutions, enabling companies to measure, monitor, and improve their environmental, social, and economic impact across the supply chain. Through its cloud-based platform, SupplyShift offers a suite of tools and services designed to help businesses identify risks, uncover opportunities, and drive positive change in their supply chains. For more information, visit


Media Inquiries:

Annamariah Hopkins

Share This