BlackLine Systems Achieves Prestigious ISO/IEC 27001 Security Certification

Enterprise-class financial close software company first in category to comply with stringent information security standards, protocols following 2-stage, multi-year, 3rd-party audit

**LOS ANGELES – Oct. 23, 2013 –**Enterprise-class financial SaaS (Software-as-a-Service) company BlackLine Systems has become the first provider of account reconciliation and financial close software to secure the highly regarded and difficult to attain ISO/IEC 27001 certification, confirming that the company meets or exceeds the latest information security industry standards and also maintains and enforces robust and effective policies and procedures to ensure the security of the data managed by its flagship Financial Close Suite. BlackLine joins an elite group of only about 8,500 organizations worldwide that are currently certified.

The ISO/IEC 27000 series (of which 27001 is a critical part) comprises information security standards published jointly by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) to provide best practice recommendations on information security management, risks and controls within the context of an overall Information Security Management System (ISMS) – similar in design to management systems for quality assurance (the ISO 9000 series) and environmental protection (the ISO 14000 series).

Following a process that took more than a year, the British Standards Institute (BSI), the governing body behind the ISO/IEC 27001, determined that BlackLine’s ISMS meets and exceeds the stringent requirements for ISO/IEC 27001 certification.

“The increasing frequency and sophistication of cyber security attacks and data breaches have made it more critical than ever for organizations to proactively secure their internal IT environments, as well as outward, client-facing systems and effectively comply with regulations and standards such as ISO/IEC 27001,” said Mario Spanicciati, EVP of Operations and executive director of EMEA for BlackLine Systems. “Keeping our clients’ confidential information safe is our No. 1 priority. The third-party assessment and certification from BSI is testament to the work we’ve done to make this happen.”

The certificate is issued after a comprehensive two-stage audit, beginning with a review of the organization’s preparedness for assessment by checking if the necessary ISO/IEC 27001 procedures, policies and protocols have been developed. Then, when all the requirements are in place, BSI assesses the implementation of these procedures within the organization to make sure they are working effectively as required for certification.

Earlier this year, BlackLine became the first account reconciliation and financial close software provider to successfully complete a SOC 2 (Service Organization Control) Type 2 examination and third-party audit – adding even greater focus on controls related to the security and availability of the BlackLine Financial Close Suite.