By : Mohamed Elkholy

Kwai announced it gained the ISO/IEC 27701 and ISO/IEC 27001 certification in Egypt as well as multiple countries in the Middle East, Latin America, Southeast and South Asia.

ISO/IEC 27701 and ISO/IEC 27001 is an international standard on how to manage information security. ISO/IEC 27701 is a privacy extension to ISO/IEC 27001 with additional requirements in order to establish, implement, maintain, and continually improve a Privacy Information Management System (PIMS). For Kwai, that proves that it is handling personal data with the worldwide standards recognized in the industry.

Calvin Liu, head of Kwai Compliance, Communication Experience and Partnership, says, “This certification reflects Kwai’s social responsibility and commitment to user information security, marking that Kwai has reached the international advanced level”.

The ISO/IEC 27701 and ISO/IEC 27001 detail requirements for establishing, implementing, maintaining, and continually improving an information security management system (ISMS) – the aim of which is to help organizations make the information assets they hold more secure.

The independent third-party auditor performed a series of rigorous checks to confirm that Kwai’s controls, global security, and risk operations met the highest standards, evaluating how the platform protects its development, infrastructure, operations, and services, ISO 27001 requires that management:

• Systematically examine the organization's information security risks, taking account of the threats, vulnerabilities, and impacts;
• Design and implement a coherent and comprehensive suite of information security controls and/or other forms of risk treatment (such as risk avoidance or risk transfer) to address those risks that are deemed unacceptable; and
• Adopt an overarching management process to ensure that the information security controls continue to meet the organization's information security needs on an ongoing basis.

Zhang Hua, Head of Kuaishou Information Security, says, “Achieving the ISO 27701 and 27001 certification is another step in our comprehensive security journey. Kwai will continue to increase investment in the field of information security, strengthen privacy security protection, continuously improve itself with technological and management innovation, deepen the construction of an information security compliance system, and provide users with more secure and credible services”.