Research and education communities across Europe rely on trust to support the flow of data, collaboration across borders, access to funding, and delivery of services at scale.
Against this backdrop, GÉANT’s ISO/IEC 27001:2022 certification represents an important step in aligning the organisation’s information security practices with the needs of the European research and education sector, as well as broader EU policy and funding frameworks. The certification provides external validation that GÉANT’s information security management is mature, transparent, and consistent with international standards, and that it is well-positioned to support stakeholders operating in increasingly complex digital and regulatory environments.
ISO 27001 outlines the requirements for an effective information security management system, guiding how risks are assessed and managed through policies, controls, and continuous improvement.
This certification brings practical benefits for the GÉANT community. In the context of EU-funded projects and public-sector procurement, compliance with ISO 27001 enhances GÉANT’s ability as a trusted partner. It supports eligibility in competitive funding environments, streamlines procurement by demonstrating due diligence, and helps meet the security requirements that are now routinely embedded in cross-border initiatives. At the same time, it directly contributes to the objectives of the EU Cybersecurity Strategy and Digital Decade, supporting GÉANT’s ongoing role in safeguarding Europe’s digital infrastructure and supporting secure, open collaboration at scale.
Supporting stakeholders with a shared foundation for security
For European NRENs, institutions, and consortia, GÉANT’s certification can increase confidence in how risks are assessed, data is managed, and services are governed. This shared foundation not only builds trust but reduces complexity, allowing organisations to integrate with GÉANT services more easily, exchange sensitive data securely, and demonstrate compliance through a recognised and respected standard.
“Achieving ISO 27001 certification is a statement of how we work, with integrity, transparency, and a proactive approach to risk. It reflects our culture as much as our systems,” says Ana Alves, Chief Information Security Officer at GÉANT. “This has been a cross-organisational effort grounded in accountability and collaboration, not just to meet a standard, but to create lasting value for the community we serve.”
Tryfon Chiotis, Chief Operating Officer for GÉANT comments: “The impact of achieving ISO certification also extends internally. Over the course of this two-year effort, we have embedded security practices more deeply into daily operations, strengthening governance, clarifying responsibilities, and improving resilience across the organisation. As a result, our teams are now better prepared to anticipate risks, respond to incidents, and continuously adapt in a changing threat landscape.”
Laying the groundwork for the future
Looking ahead, ISO 27001 provides a stable and scalable framework for growth. It signals GÉANT’s continued commitment to operational excellence and digital trust, while equipping the organisation to evolve with the sector: strengthening infrastructure security, enabling seamless service integration, contributing to Europe’s goals for a digitally sovereign and secure research and education environment.
As research and education increasingly rely on cross-border digital collaboration, this certification reinforces GÉANT’s position as a reliable and trusted partner, fully aligned with evolving EU priorities and standards.
