We pursue recognized worldwide certifications to make sure we’re building the appropriate standardization and quality into our documentation, processes, products and services. 

ZS keeps our teams up to date on the latest security and privacy frameworks and standards for data management. This includes our work to align our policies and processes with the National Institute of Standards and Technology (NIST) in the U.S., with other associated benchmarks, frameworks and standards we comply with, and with those that underpin our technology solutions that are used globally.

ZS’s ISO 27001 certification for 28 office locations focuses on protecting confidentiality, integrity and the availability of information. ISO 270001 certification demonstrates ZS’s commitment to information technology, security techniques and information security management systems. It helps ensure that all of the information, data, associated systems and resources that ZS handles are protected.

The ISO 27701 standard provides guidance on how to establish, implement, maintain and continually improve a Privacy Information Management System (PIMS). It prepares organizations to put standards in place that will help them comply with global data protections including GDPR.

The ISO 27017 standard is an international framework that can help reduce the risk of data breaches and build client trust by indicating an organization’s commitment to information security. The standard also gives guidance on what to expect from cloud service providers. 

ZS has completed this for its JAVELIN and ZAIDYN suite of applications. SOC 2 and SOC 3 attestations assure customers and prospects that a company is taking all the steps to keep data safe, protecting it from damaging breaches. Our SOC 2 Type 2 and SOC 3 attestations apply AICPA’s Trust Service Principles examining security, availability, confidentiality and privacy of our products and platforms to ensure our company’s security and privacy programs meet these objectives over a period of time.

We have achieved this cybersecurity compliance standard for our instances of ZAIDYN™ Data & Analytics in China. Level 3 of information security as determined by the Ministry of Public Security in China applies to protect systems that would result in harm to social order, public interest and national security if damaged. 

ZS’s Business Technology capability group in India has been assessed at a CMMI maturity Level 3 by the Quality and Accreditation Institute (QAI) of India. CMMI is a model for evaluating the efficacy of an organization’s processes by developing and comparing essential competencies. CMMI Maturity Level-3 means that the organization is performing at a “defined” level, where processes are thoroughly characterized and understood, as well as documented in standard procedures, tools and methodologies.

The HITRUST certification demonstrates an organization’s credibility and status in the healthcare industry based on how it follows the HITRUST Common Security Framework (CSF). It is both risk- and compliance-based, providing a global approach that combines multiple standards and regulations into a single framework.

ZS’s ISO 45001 certification covers our largest offices, which account for nearly 80% of our employees. This certification focuses on establishing robust mechanisms to provide safe and healthy workplaces for our employees and to avoid work-related health risks. Our commitment to this certification ensures that ZSers experience a safe and healthy work environment. 

ZS’s ISO 45003 certification covers our largest offices, which account for nearly 80% of our employees. This certification establishes robust mechanisms to set global standards and practices to manage overall employee well-being in the workplace. It provides systemic guidance on how to manage risks related to employee safety as part of an occupational health and safety management system. As of 2023, we are one of the few organizations that have achieved this accreditation.