ISO 9001 illustrates a clear holistic approach to QMS and emphasizes the importance of ensuring the quality of services. Furthermore, ISO 27001 is a specification for an ISMS. The HEEACT adopts the ISMS framework of policies and procedures, which includes all legal, physical, and technical controls involved in an organization’s information risk management processes. Most HEEACT staff also receive training for the IQA process of ISO. Both ISO9001 and ISO27001 certifications are re-examined annually and renewed every 3 years. The HEEACT has renewed both ISO certifications in October 2020.The policies regarding HEEACT work and service quality as well as information security management are as follows:

Work and Service Quality Policy:

• Enhance professional QA practices and capacity building
• Promote higher education internationalization and global networking
• Strengthen organizational effectiveness and sustainability

Information and Cyber Security Policy:

• Ensure the continuity of operations through robust information and cyber security management
• Raise information and cyber security awareness and mitigate risks