ISO 9001 illustrates a clear holistic approach to QMS and emphasizes the importance of ensuring the quality of services. Furthermore, ISO 27001 is a specification for an ISMS. The HEEACT adopts the ISMS framework of policies and procedures, which includes all legal, physical, and technical controls involved in an organization’s information risk management processes. Most HEEACT staff also receive training for the IQA process of ISO. Both ISO9001 and ISO27001 certifications are re-examined annually and renewed every 3 years. The HEEACT has renewed both ISO certifications in October 2020.The policies regarding HEEACT work and service quality as well as information security management are as follows:

Work and Service Quality Policies:

• HEEACT conducts higher education accreditation and professional services with integrity and continuous improvement.
• HEEACT promotes its international cooperation and recognition, and keeps being in alignment with international standards to broaden mutual recognition and influences.
• HEEACT conducts staff capacity building projects, activities and trainings to enhance the professionalism and culture of accreditation.
• HEEACT carries out research with local and foreign institutes, develops itself to be the think tank, conducts self-reflection on its strategic plans and strives towards excellence

Information Safety Management Policies:

• HEEACT implements information security management to protect the confidentiality and availability of the assets and to ensure the continuous operations and its sustainability.
• HEEACT conducts information security training to enhance the information security capacity among the staff.