ODM Platform Security¶
Genestack operates an ISO27001:2022 certified Information Security Management System (ISMS), with operational security controls in place which are strictly adhered to, in order to underpin the development of Genestack products, how Genestack delivers its services to its clients, and how Genestack operates and protects the Genestack production environment in support of its clients.
The key documents and frameworks in-place to support Genestacks ISO27001:2022 ISMS are as follows:
| Document Name | Purpose | Owner | Last Updated |
|---|---|---|---|
| ISO27001 Certificate | Validates Genestack’s ISMS and information security compliance. | Chief Executive Officer | 16 July 2025 |
| ODM High Level Design | ODM platform high level design document, covering all aspects of design including security management. | Head of Engineering | 13 October 2025 |
| ODM Security Requirements | Describes the detailed security control requirements applied to the ODM platform. | Head of Engineering | 14 October 2025 |
| Information Security Policy | Defines Genestack’s high level security objectives. | Chief Executive Officer | 12 May 2025 |
| Operational Security Policy | Defines the policy for the operational security controls that underpin the development of Genestack products, how Genestack delivers its services to its clients, and how Genestack operates and protects the Genestack production environment in support of its clients. | Head of Engineering | 13 October 2025 |
| Cloud Service Provider Policy | Defines cloud-specific control requirements aligned with ISO/IEC 27017:2025 (‘ISO27017’), supporting secure service delivery and data protection. | Head of Engineering | 14 October 2025 |
| Terms of Reference for the Security Working Group | Defines how all aspects of Genestack’s ISO27001 Information Security Management System are managed, governed and audited on a perpetual basis. | Head of Engineering | 6 May 2025 |
| Software Development Life Cycle Policy | Establishes a policy for a Software Development Lifecycle (SDLC) framework and related software application development methodologies and tools that are essential components in the management, development and delivery of software applications to support Genestack needs and services. | Head of Engineering | 6 May 2025 |
| Access Control Policy | Addresses the security requirements for all user login accounts on Genestack information assets by Genestack staff. | Head of Engineering | 3 February 2025 |