Novelis renews its ISO 27001:2022 certification and strengthens its commitment to cybersecurity 

At a time when cyberattacks are multiplying and data protection has become a strategic priority, Novelis takes a new step in its cybersecurity journey: we have just renewed our ISO 27001 certification, version 2022. 
This international recognition confirms the robustness of our Information Security Management System (ISMS) and our commitment to safeguarding the data of our clients and partners. 

Why ISO 27001 is a mark of trust 

ISO 27001 is the leading international standard for information security management. It ensures that certified companies implement rigorous processes to prevent risks, protect sensitive data, and strengthen their resilience against cyber threats. 
In a context where information system security is the first line of defense against malicious attacks, ISO 27001 provides a real guarantee of trust: it ensures both the security of information and the protection of personal data that may be processed. 

What’s new in the 2022 version 

Our certification renewal is based on the latest version of the standard, ISO 27001:2022, which brings major changes: 

• 93 controls instead of 114, for a clearer and more modern approach 

• the integration of new requirements related to cloud, personal data, and Zero Trust 

• strengthened risk management regarding suppliers and partners 

These updates reflect the standard’s adaptation to emerging threats and to regulatory requirements such as GDPR. 

A collective success at Novelis 

This renewal is the result of cross-department collaboration — marketing, sales, operations, R&D lab, HR… All teams worked together, guided by our Cybersecurity department, to ensure the success of the process. 
This collective effort reflects our commitment as a responsible company and our determination to make security a cornerstone of our strategy. 

A strong commitment to our clients and partners 

By achieving this certification, Novelis reaffirms its ability to: 

• reliably protect the data entrusted to us 

• anticipate threats and stay at the forefront of international standards 

• strengthen client and partner trust in our solutions and services 

“ISO/IEC 27001:2022 certification is not an endpoint, but a strategic lever. It embodies a systemic and proactive approach to information security. For us, it goes beyond compliance: it is a living framework that pushes us to continuously raise our practices and ensure the resilience of our systems in the face of tomorrow’s challenges. This spirit of adaptation and vigilance shapes our ability to anticipate risks and maintain unwavering trust in our solutions.” — WD 

Our priority: to provide a secure, high-performing, and fully compliant environment with the highest cybersecurity standards.