South Korea will overhaul its Information Security and Personal Information Protection Management System certifications, making ISMS-P mandatory for key personal data processing systems and tightening audit methods. The Ministry of Science and ICT and the Personal Information Protection Commission will introduce a three-tier system: enhanced, standard and simplified certifications. The plan also strengthens on-site verification, technical testing and post-certification monitoring, with some measures applied in the second half of this year and broader changes from 2027.

Online testing platform company Grepp said on Tuesday it has obtained South Korea’s Information Security Management System and Personal Information Protection Management System (ISMS-P) certification. Grepp said the certification objectively proves its data management capabilities and the strength of its personal information protection system. The company provides tailored talent development solutions based on education and assessment data accumulated through its developer growth platform Programmers.