Tevora Achieves ISO/IEC 17020 Accreditation

Irvine, CA – October 14, 2019 –  Tevora’s cybersecurity services have earned accreditation for the International Standards Organization/International Electrotechnical Commission (ISO/IEC) 17020:2012 standard, which defines requirements for quality and competence of bodies performing inspection services. The accreditation was granted by the internationally-recognized American Association for Laboratory Accreditation (A2LA) and positions Tevora as a top tier provider of Federal, Risk, and Penetration Testing services.

The accreditation covers Tevora’s inspection processes for conducting enterprise security and compliance-based assessments in the following areas:

  • Enterprise Security Risk Assessments via NIST Risk Management Framework and NIST 800 Special Publications
  • Defense Federal Acquisition Regulation Supplement (DFARS) via the NIST SP 800-171
  • NIST Cybersecurity Framework
  • NYS DFS via 23 NYCRR 500
  • Mitre ATT&CK(™)
  • Framework and Penetration Testing Execution Standard (PTES)

“Getting these services accredited with the ISO 17020 quality management standards demonstrates Tevora’s commitment to quality as we take the next step towards becoming a Third Party Assessment Organization (3PAO) for our FedRAMP customers,” said Jeremiah Sahlberg, Managing Director of Tevora’s Federal Practice.

Tevora is the first organization to earn ISO 17020 accreditation for both the NYS DFS (23 NYCRR 500) requirements and the Mitre ATT&CK Framework and Penetration Testing Execution Standard (PTES). Compliance with the 23 NYCRR 500 regulation is required for banking, insurance, and financial organizations operating in the state of New York. Performing quality penetration testing is critical step that Cloud Service Providers should take to ensure they can confidently apply for and maintain FedRAMP authorization.

Achieving ISO/IEC 17020 accreditation of Tevora’s inspection processes is further evidence of our ongoing commitment to building and maintaining quality cybersecurity services for our clients.

About Tevora

Founded in 2003, Tevora is a specialized management consultancy focused on cybersecurity, risk, and compliance services. Based in Irvine, CA, our experienced consultants are devoted to supporting the CISO in protecting their organization’s digital assets. We make it our responsibility to ensure the CISO has the tools and guidance they need to build their departments, so they can prevent and respond to daily threats.

To learn more about Tevora please visit www.tevora.com or email PR@tevora.com.


Skylor Phillips, PR Coordinator