The International Organization for Secure Commerce was founded with some very high ideals, an ambitious mental picture of our future success, and lots of enthusiasm. The founders wanted to make sure the mission of the organization, our vision for the future, and the values that guide our actions were clearly defined for all to see. The result is the statement below. The Board of Directors sincerely hopes that our membership will share our high ideals and enthusiasm, and that they will never hesitate to speak up if the IOSC strays from the standards we have established

The IOSC is a not-for-profit corporation dedicated to developing and promoting secure business standards and practices which facilitate trade and commerce, promote regulatory compliance, and enhance the security of organizations and communities.

The IOSC will be seen as a positive force for international trade and business security for businesses and governments worldwide by establishing secure commerce standards and protocols and offering certification of individuals and organizations. We will maintain the highest standards of honesty and conduct our business in the open.

The methods through which the IOSC will fulfill its mission include: Professional association Standards development Benchmarking Education Certification Government liaison and outreach

The following values will guide the operations of the organization:

• Integrity; we will keep our word and follow our rules.
• Transparency; information about the financial and operational status of the organization will be readily available to its stakeholders.
• Confidentiality; confidential client and employee data will be safeguarded.
• Security; we will follow our own security protocols at all times.
• Diversity; a diverse membership and board of directors will help us fulfill our mission.

These are the principles on which we will base our standards:

• Security is a process, not a destination, and is based on an organizations goals and operating environment.
• Security, like quality, is a business improvement process that adds value, reduces costs, and provides competitive advantage.
• Security and regulatory compliance are part of the obligation each organization has to its stakeholders and community.
• Cooperation between businesses and regulatory agencies is beneficial to both parties.
• Education is a critical part of any security program.
• Constant review and revision are needed for effective standards and certifications.