MODLR wins BSI security certification for its platform

MODLR has achieved ISO/IEC 27001 certification from the British Standards Institution, covering its information security management system.

Widely used as a benchmark for information security management, the standard provides external validation of MODLR's controls, governance processes and risk management approach across its platform, infrastructure and internal operations.

MODLR provides cloud-based corporate performance management software for planning, forecasting, reporting and business modelling. The certification follows work across the business to formalise security practices and document how risks are identified, managed and reduced.

The move comes as buyers of finance and planning software face closer scrutiny over how technology suppliers handle sensitive operational and financial data. Procurement teams, particularly in regulated sectors, are placing greater weight on evidence of governance, auditability and information protection when assessing software vendors.

Security benchmark

ISO/IEC 27001 sets out requirements for establishing, maintaining and improving an information security management system. Certification is intended to show that an organisation has a structured framework for managing information security risks and has been independently assessed against it.

For software companies serving finance teams, such certifications can influence vendor selection and contract reviews. Corporate performance management systems often sit close to budgeting, forecasting and reporting processes, where users may store commercially sensitive figures, planning assumptions and operational metrics.

Ben Hill, Founder of MODLR, described the process as a company-wide effort.

"Achieving ISO/IEC 27001 certification required a company-wide effort to embed security across our platform, infrastructure and internal operations," Hill said.

"This certification confirms that our security controls, risk management processes and governance framework have been independently audited and validated by BSI. It formalises the standards we have been building toward and reinforces our long-term commitment to protecting customer data and maintaining strong security practices across the business."

Customer assurance

The certification is intended to provide added assurance to customers using MODLR's software for business-critical financial and operational processes. It also supports customers' own governance, risk and compliance requirements in sectors where data protection and operational resilience are important.

That matters because cyber security expectations have risen across software supply chains. Companies buying cloud applications are under pressure to understand not only product features and pricing, but also how vendors manage security incidents, internal controls and compliance obligations.

MODLR said the certification reflects documented processes and a continuous improvement approach to information security. The company operates from Sydney, London and Wellington, serving organisations that use cloud-based tools for financial planning and analysis.

Hill said the certification has implications for customers as well as for the company's internal standards.

"For MODLR customers, this means stronger protection of their financial and operational data, independently validated security practices, enterprise-grade governance and risk management, and an ongoing commitment to continuous improvement."

"I'd also like to acknowledge the effort from our team and the support of our customers throughout this process. Achieving certification is an important milestone, but maintaining strong security is an ongoing responsibility."