Proekspert receives ISO27001:2022 cybersecurity certification

Proekspert news

04.03.2025

In February 2025, Proekspert received ISO 27001:2022 certification, demonstrating compliance with international best practices in information security, cybersecurity, and privacy protection. This certification underscores the company’s commitment to securing its operations and the services it offers.

As cybercrime continues to grow and new threats emerge, managing cyber risks has become increasingly complex. Proekspert chose to take a proactive approach by identifying potential risks and vulnerabilities and implementing measures to mitigate them. Receiving ISO 27001:2022 certification reflects the company’s dedication to ensuring security and maintaining the trust of customers and partners.

ISO 27001:2022 is an internationally recognized standard for information security management systems (ISMS). It provides companies across all industries with a framework to establish, implement, maintain, and improve their security practices. “Our journey toward information security has been ongoing for years. We adopted ITL’s best practices for secure software development early on and have built our own in-house secure development process. We also assess the information security maturity of every project,” said Ilmar Pralla, COO of Proekspert. 

Pralla emphasized that security is a top priority because many of Proekspert’s clients are large international companies that have faced cyber threats firsthand. “They require the highest standards from their partners. Meeting these expectations is crucial for us,” he added. With new EU requirements, including the Cyber Resilience Act (CRA) and NIS2, impacting clients, Proekspert aims to not only guide and assist but also serve as a good example.

Achieving ISO 27001:2022 certification required a year of thorough preparation. Proekspert assembled an ISO working group and collaborated with external consultants to assess and address areas of non-compliance. The team systematically planned and implemented changes across the organization, ensuring a successful certification audit.

Proekspert’s Data Protection Officer, Marek Suur, highlighted the importance of readiness: “Risks are always present; the question isn’t if something will happen, but when. Being prepared means understanding the risks and having plans in place.” Suur acknowledged the challenges of working with limited resources but expressed confidence in the efforts made. “You can’t do everything you want, but I believe we’ve done enough.” The certification process has strengthened Proekspert’s ability to handle unexpected situations effectively, reinforcing a solid foundation for the future.

Proekspert thanks all its team members who contributed to achieving this goal!