Your security is our priority.

We are ISO/IEC 27001:2022 certified and work proactively to protect your data and comply with all relevant regulations. 

CM1 provides an AML service built on the highest standards of information security and privacy.  

Our Commitment to Security

  • ISO 27001:2022 Certification
    CM1 is certified according to the international standard for information security management. This certification covers our entire service and processes, ensuring continuous risk identification and mitigation. 
  • GDPR Compliance
    We fully comply with the EU General Data Protection Regulation, guaranteeing that personal data is handled with the highest level of protection. 
  • DORA and NIS2
    CM1 meets the requirements of DORA and NIS2 for operational resilience, incident reporting, and supplier controls. 

Continuous Security Improvement

  • Risk Management
    Risk analysis is an integral part of our operations and is regularly reviewed according to ISO 27001:2022.
  • Audits and Reviews
    We conduct regular internal and external audits to ensure compliance with standards and regulations.
  • Security Testing
    Recurring penetration tests and application security tests are performed to identify and remediate vulnerabilities.

Training and Awareness

All employees receive ongoing training in information security. Developers and operations staff undergo specialized courses to ensure security is embedded in our culture.

Incident Management and Continuity

We have established processes for incident handling and business continuity, including regular recovery drills. Real-time monitoring ensures rapid response to critical events. 

 

Data storage, encryption and backup 

Secure data storage 

Customer data is stored in geo-redundant data centers in Sweden with segmented networks and firewalls. 

Encryption 

Data is encrypted at rest and in transit using suitable encryption techniques. Keys are managed in dedicated systems. 

Backup 

We take daily backups, use tape for long-term storage, keep immutable backups as protection against ransomware, and perform annual recovery tests as part of our disaster recovery plan (DRP).

 

Our Code of Conduct

CM1 follows a strict code of conduct that governs our actions towards customers, suppliers, employees, and society. The code is established by the board and revised annually to ensure that we live up to high ethical standards and legal requirements. 

 

Johan Gedda