Wellspring is ISO Certified. That’s a big deal.

November 15, 2019

As the leading innovation software company, we at Wellspring are committed to keeping up with the latest and leading information security standards. That’s why we are proud to announce our ISO 27001 certification.

It may not be obvious that “innovation” and “security” belong in the same sentence. But they do. Think about what’s at stake: Billions of dollars in research grants. Patent portfolios worth hundreds of millions. Corporate innovation programs breathing life into companies’ forward-looking strategies. Advanced new technologies representing the future of our economy.

In fact, it is our clients who demand we adhere to the strictest security standards. For them, innovation is too important to leave to chance. Given the stakes, Wellspring’s rigorous approach to information security is a no-brainer.

ISO has evolved through the years. Now ISO 27001:2013, it remains the gold standard for information security rigor. This standard specifies the creation of an Information Security Management System (ISMS) with a total of 35 security control categories and 14 clauses that will be used to manage information risks. The ISMS documents our internal procedures, including:

  • Information security policies
  • Organization of information security
  • Human resource security
  • Asset management
  • Access control
  • Cryptography
  • Physical and environmental security
  • Operations security
  • Communications security
  • System acquisition, development & maintenance
  • Supplier relationships
  • Information security incident management
  • Information security aspects of BCM
  • Compliance

Through the past year, Wellspring as an organization evaluated all 114 controls divided in 14 clauses and 35 control categories to select applicable controls for our company. We completed a comprehensive control and have enhanced our current internal policies and procedures to incorporate the ISO 27001:2013 controls. Our software products for Tech Transfer, Innovation Management, and Intellectual Property Management underwent security enhancements to comply with the applicable controls. Wellspring then was certified compliant with ISO 27001:2013 by an accredited certification body.

If your organization takes innovation seriously, the security of your information must be a top priority. You don’t want critical information leaking to competitors about the potentially disruptive new technologies you’re incubating. You don’t want to place your future at risk. When a prospect pushes us on information security, we get excited. It’s an early indicator of a great new client.

Far from just “checking the box,” we encourage all organizations we work with – and indeed everyone who operates in the world of innovation and tech transfer – to be relentless and scrupulous in securing their information. It’s far more important than you might think.

To learn more about this certification or our other security policies, you can read our full privacy policy here.


ISO 27001 Certified Logo ANAB-IAF



Let's Talk