SocialHub.AI
Certified · Trust & Security

ISO/IEC 27001:2022

SocialHub.AI operates a certified Information Security Management System (ISMS) under ISO/IEC 27001:2022, covering the organizational, people, physical, and technological controls that protect customer data. The certificate is available under NDA.

How our controls map to the standard

ISO 27001 combines a management system with control themes. Here is how each is addressed.

The management system (ISMS)

  • A defined security scope, policy, and assigned responsibilities backed by leadership.
  • A documented risk-assessment process with a maintained risk register and treatment plan.
  • Recurring internal audits and management reviews that keep the system effective.
  • A corrective-action process that turns findings into tracked improvements.

Organizational controls

  • Information security policies, supplier-security requirements, and cloud-service governance.
  • Asset and information classification, with handling rules per sensitivity.
  • Incident management planning, evidence collection, and business-continuity readiness.

People controls

  • Background screening, confidentiality agreements, and security responsibilities in employment terms.
  • Security awareness training and a clear event-reporting channel.
  • Access is granted on joining and promptly revoked on role change or departure.

Physical controls

  • Infrastructure runs on major cloud providers whose audited physical-security controls we inherit.
  • Provider attestations are reviewed as part of our supplier-management process.

Technological controls

  • Strong cryptography: AES-256 encryption with per-record keys and privacy-preserving blind indexes.
  • Access control, secure authentication, logging, and monitoring across the platform.
  • Configuration and change management with automated integrity checks.
  • Vulnerability and secret scanning in the build pipeline.

Continuous improvement

An ISMS is a living system. We continuously refine our controls, run internal audits and management reviews, and maintain surveillance audits to keep the certification current.

Request our ISO 27001 certificate

The certificate and Statement of Applicability are available under NDA for your review.

Contact Security Team