Firstance has always recognized the importance of certifying its processes, ensuring all stakeholders that work with the company the commitment to service quality and security—two key aspects the market consistently associates with the brand.
At the beginning of 2019, certifications for both ISO 9001:2015 and ISO/IEC 27001:2013 were granted by an external certification authority.
Since then, annual reviews have been conducted by the certification authority. These activities have been instrumental in continuously improving our focus, especially considering the steady growth of our business and managed processes
Recurring audits are conducted annually with the support of an external security provider. These audits include:
FA’s goal is to maintain a failsafe system that requires no remediation. The web platform adheres to the highest security standards, ensuring full data encryption, high reliability, resource availability, and scalability. All data is stored within the EU, in compliance with current GDPR regulations.
Firstance’s internal IT policy mandates that a complete Vulnerability Assessment (VA) and Penetration Test (PT) be performed on the applications by an external security provider at least once a year or with any major platform release. This policy has been strengthened due to the extensive use of cloud services, including a security review of the cloud account to ensure it meets the highest market standards. The most recent VA/PT and AWS account review were completed in July 2024. The next reviews are scheduled for August 2025 (standard yearly review) and January 2026 (review planned due to platform frontend re-engineering)