Data security, formally verified
COS Systems Inc. and COS Systems AB are ISO 27001:2022 certified. The certification covers our full operation: development, delivery, and support of broadband network software globally. It was audited and issued by Scandinavian Business Certification AB, accredited by SWEDAC.
Certified by SBcert
Accredited by SWEDAC
What certification means for you
ISO 27001 is not a product label. It certifies that COS Systems operates a documented, audited information security management system across the entire organization. These are the controls that matter to operators running broadband networks.
All controls, all departments
The certification covers every part of COS Systems — not a single product or team. Risk assessments, access controls, and incident response procedures apply company-wide.
Supply chain visibility
ISO 27001 requires systematic assessment of third-party suppliers and sub-processors. We now have structured, documented oversight of every external dependency in our supply chain.
Built for a changing threat landscape
Threats against critical infrastructure operators have increased. Our ISMS gives us a structured, continuously improving framework for identifying and responding to them — for our own operations and for the networks we support.
What is ISO 27001?
ISO 27001 is the international standard for information security management systems (ISMS), published by the International Organization for Standardization. It specifies requirements for establishing, implementing, maintaining, and continually improving an ISMS.
Certification is not self-declared. It requires an independent audit by an accredited certification body. SBcert, which certified COS Systems, is accredited by SWEDAC under accreditation number 10127.
The 2022 edition introduced updated controls covering cloud services, threat intelligence, and supply chain security.
Certificate details
COS Systems Inc. and COS Systems AB
ISO 27001:2022
SE556830-8703
22 May 2026
30 April 2029
Scandinavian Business Certification AB
SWEDAC, no. 10127
Development, operation, and support of software for broadband network automation — including open access, field service management, and customer lifecycle processes, delivered globally
Verify at sbcert.se
Frequently asked questions
What does ISO 27001 certification cover at COS Systems?
The certified scope covers development, operation, and support of software solutions for automation and operation of broadband networks. This includes open access solutions, field service management, and customer lifecycle processes, delivered globally. All departments are within scope.
Does certification apply to all COS Systems products?
The certification applies to the management system governing COS Systems as a whole. The ISMS controls apply to the processes, systems, and personnel involved in developing and delivering COS Business Engine, COS Wholesale Engine, COS FSM, and COS Prospector.
How does ISO 27001 address supply chain risk?
ISO 27001:2022 includes explicit controls for supplier relationships and supply chain security (controls 5.19–5.22). COS Systems has implemented documented processes for assessing, contracting with, and monitoring suppliers that have access to our systems or process customer data.
Can I request documentation for procurement or compliance purposes?
Yes. Contact your COS Systems account manager or reach out through our website. We can provide the certificate and relevant documentation to support your due diligence or supplier qualification process.
How often is the certification renewed?
ISO 27001 certification follows a three-year cycle with annual surveillance audits. The certificate issued on 22 May 2026 is valid until 30 April 2029.
How can I verify the certificate?
Certificate validity is verifiable at sbcert.se. Certificate number: SE556830-8703. The certifying body, Scandinavian Business Certification AB, is accredited by SWEDAC under accreditation number 10127.
Security questions? Talk to us.
Whether you’re evaluating COS Systems as a vendor or conducting a security review, we’re ready to provide documentation and answer questions directly.
