CatSci Achieves ISO 27001 Certification, Demonstrating its Commitment to Client Data Security

CatSci is pleased to announce it has received ISO/IEC 27001 certification, the globally recognised standard for information security management systems (ISMS).

Scientific collaboration is increasingly digital and globally interconnected, and clients expect strong, demonstrable controls around data protection and information security. ISO 27001 provides independent confirmation that information security is managed through a structured, risk-based framework designed to protect sensitive information and support continual improvement.

“Our clients share their most valuable scientific assets with us, and that trust has to be earned and continuously maintained,” said Dr. Ross Burn, Co-Founder and Chief Executive Officer at CatSci. “ISO 27001 certification is our commitment, formally verified by an independent third party, that we have the systems, processes and culture in place to keep that data secure.”

For many pharmaceutical organisations, information security assessments are a standard part of onboarding. ISO 27001 helps address common requirements upfront, which can streamline due diligence and reduce administrative friction at the start of programmes. By satisfying the majority of information security requirements upfront, teams can get to the science sooner.

“We’ve always taken the security of our clients’ data seriously but what ISO 27001 gave us was a rigorous framework to examine, formalise and verify that. As the science we work on grows more complex, we want our clients to know their data is in safe hands.” said Dr. Simon Tyler, Co-Founder and Chief Commercial Officer at CatSci.

The work to achieve certification involved a thorough review of CatSci’s information risk landscape, the development of robust risk-based policies, and the implementation of a formal, auditable framework covering data access, backup procedures and incident response. CatSci’s information security framework encompasses:

• Formalised, audited policies for data access, backup, and incident response
• Ongoing employee awareness programmes to reduce human error
• Controlled protocols for information sharing with clients and third-party partners
• Regular internal audits and annual external surveillance audits to maintain certification

As cyber threats grow in sophistication, CatSci remains committed to ensuring its security practices keep pace. ISO 27001 provides a rigorous, independently verified foundation but certification is just a starting point. The framework is designed to evolve, and so is CatSci’s approach to information security. For clients, that means a partner who treats the protection of their data as an ongoing commitment.