News

Achieved ISO/IEC 27001 and ISO/IEC 27701 Certification, Establishing a Security-and-Privacy Governance Framework

intelligent document processing, Privacy Management

ISO/IEC 27001: Building the Foundation for Information Security Management

ISO/IEC 27001 is a globally recognized standard for information security management. It emphasizes a risk-based approach and establishes a security control framework spanning people, processes, and technology. By achieving this certification, Wentong Cloud has put in place systematic management mechanisms in the following areas:

  • Access control and role-based permission management
  • Information asset identification and risk assessment processes
  • Security incident response and continuous improvement mechanisms
  • Encryption controls for data in transit and at rest

This framework provides institutional assurance for platform stability and the security of customer data.

ISO/IEC 27701: Strengthening Privacy Governance on Top of the Security Framework

ISO/IEC 27701 is a privacy information management standard that extends the ISO/IEC 27001 framework by adding privacy requirements for personal data controllers and processors. Achieving this certification means Wentong Cloud has:

  • Established end-to-end lifecycle management for personal data
  • Clearly defined processing purposes, scope, and data minimization principles
  • Strengthened cross-border data processing controls and compliance review mechanisms
  • Enabled customers to meet international privacy regulations such as the GDPR

Security and privacy are no longer managed separately; they operate together under a unified management system.

The Practical Value of Dual Certification

  • 1. A Unified Governance Framework:Information security and privacy protection operate within a single management system, reducing the risk of fragmented compliance.
  • 2. Stronger Trust for Collaboration:Provide customers and partners with auditable, verifiable evidence of robust governance capabilities.
  • 3. Enhanced Operational Capability:Through institutionalized risk assessments and continuous improvement mechanisms, improve platform stability and management transparency.

Safeguarding Intelligent Document Automation

As a technology platform focused on Intelligent Document Processing (IDP), Wentong Cloud handles large volumes of sensitive data across enterprise finance, trade, insurance, and government services use cases. Dual certification ensures that:

  • Customer document data is not used for model training by default
  • Processing is fully traceable end to end
  • Private-cloud and on-premises deployment options are supported
  • Automation operates within established compliance frameworks

Information security and privacy governance are prerequisites for scaling automation into production—not optional add-ons. Wentong Cloud will continue to strengthen its security and privacy management system, maintaining the right balance between technological innovation and compliance governance to deliver a trusted intelligent document automation platform for enterprises.