Commitment to Quality

  • ISO 9001:2008 Quality Management certified one-stop manufacturing facility

  • ISO/IEC 27001:2013 Information Security Management Systems Certified


ISO/IEC 27001:2013 Information Security Management Systems Certified


The objective of ISO/IEC 27001:2013 is to "provide a model for establishing, implementing, operating, monitoring, reviewing, maintaining, and improving an Information Security Management System". ISO/IEC 27001:2013 is the updated version of the British Standard for Information Security Management Systems, BS 7799-2:2002. The standard covers all types of organizations. It is designed to ensure the selection of adequate and proportionate security controls that protect information assets and give confidence to interested parties.

IRIS Corporation Berhad (IRIS) has been awarded the ISO/IEC 27001:2013 certification in recognition of its standardized best practices and effective information security management system (ISMS) for digital identity security across the organisation.

The ISO/IEC 27001:2013 certification demonstrates IRIS’s obligation to leverage domestic and international expertise to embrace global standards of service provision in compliance with applicable regulatory requirements, to further its business objectives and scientific goals, and to provide superior quality to its sponsors.

The standard ensures controls are in place to reduce the risk of security threats and to avoid system weaknesses being exploited. It will also help IRIS to develop a business continuity plan that will minimize the impact of any security breaches.

IRIS recognises the importance of this certification and acknowledges that ISO/IEC 27001:2013 will ensure that employees in the organisation, from management to technical staff, get on the same frequency regarding goals, individual duties, improving communication and ultimately results.

In summary, this achievement signifies IRIS’s commitment to deliver the highest quality information security management system for our customers worldwide.


ISO 9001:2008 Quality Management certified one-stop manufacturing facility


ISO 9001:2008 specifies requirements for a quality management system where an organization needs to demonstrate its ability to consistently provide product that meets customer and applicable statutory and regulatory requirements, and aims to enhance customer satisfaction through the effective application of the system, including processes for continual improvement of the system and the assurance of conformity to customer and applicable statutory and regulatory requirements.

ISO 9001:2008 sets out the criteria for a quality management system and is the only standard in the family that can be certified to (although this is not a requirement). It can be used by any organization, large or small, regardless of its field of activity.


In fact, ISO 9001:2008 is implemented by over one million companies and organizations in over 170 countries. Where any requirement(s) of ISO 9001:2008 cannot be applied due to the nature of an organization and its product, this can be considered for exclusion.


The standard is based on a number of quality management principles including a strong customer focus, the motivation and implication of top management, the process approach and continual improvement. Using ISO 9001:2008 helps ensure that customers get consistent, good quality products and services, which in turn brings many business benefits.