Certifications, Compliance & Contracts
Minority, Woman-Owned Small Business
Fast 100 USPAACC (US Pan Asian American Chamber of Commerce) Businesses
The Capital Novus accounting and billing systems are DCAA Compliant.
International Standards Organization (ISO) Certification
Capital Novus is an ISO certified company and conforms to the highest international standards for quality planning, quality assurance, and quality control.
ISO 9001:2008 is now established as the most widely accepted standard for providing assurance about the quality of services a company provides to its customers. As a Certified ISO 9001:2008 company, Capital Novus brings expertise to meet quality management needs and customer requirements more efficiently and effectively, ensuring increased customer satisfaction.
ISO 27001:2013 is the highest information security certification. Compliance with this standard ensures Confidentiality, Integrity, and Availability of data. Capital Novus conforms to the ISO requirements for an information security management system (ISMS) designed to ensure the selection of adequate and proportionate systems architecture and security controls to protect valuable information assets and give confidence to customers worldwide.
EU-U.S. Privacy Shield & U.S.–Swiss Safe Harbor Self-Certified
Some of the key data & information security practices followed at Capital Novus include:
- Ensuring compliance with laws and regulations.
- Process framework for the implementation and management of controls to ensure that the specific security objectives of an organization are met.
- In-house Servers are protected using access control devices and monitored using CCTV.
- No removable media is provided on operator workstations.
- Every operator and Server activity is logged and monitored.
- An active Firewall keeps the network immune to any unauthorized access/hacking.
- Servers are equipped with dual high-speed CPUs and RAID.
- Authenticated Server Access for Privileged Users only.
- Strong Password Policy & Password Aging.
- Inactive Session Terminations.
- Data Partitioning with appropriate access rights.
- User Activity Auditing.
- No hand baggage, printed material, internet access or data storage media is permitted in the production area.
- Workstations do not have slots to access data through removable media.
- Employees are trained on privacy and data security norms of the organization.
- All employees sign a confidentiality agreement before joining the company.
Crown Commercial Service Supplier
Capital Novus Federal Contracting Vehicles
Schedule 70 Contract #: GS35F0674V: Valid Through August 31, 2019
Group 36 Contract #: GS-03F-043AA: Valid Through February 28, 2018
ID/IQ NITAAC CIO-SP3
CIO-SP3 Small Business Services/Solutions Contract Valid Through 2022