The seal of trust ensures that Unicamp's subsidiary company has the best practices in data and information protection, raising the level of security and trust. 

Griaule, a Unicamp subsidiary specializing in biometric recognition solutions, has just received ISO 27001 certification, consolidating its good information security practices. The seal awarded to Unicamp's subsidiary requires the implementation of security controls for data and information protection, making the company's processes more secure and efficient, and also protecting customers and partners from internal and external threats, such as cyberattacks and data leaks.

“The collection of biometric data is classified by the LGPD (General Data Protection Law) as sensitive data and, therefore, requires an even more robust level of protection. Achieving ISO 27001 certification is the result of our efforts to strengthen security and constantly seek greater protection for digital data, both inside and outside the country," says Thiago Ribeiro, Business Director at Griaule.

ISO 27001 is an international standard created by the International Organization for Standardization (ISO) in partnership with the International Electrotechnical Commission (IEC). It describes how to manage information security in an organization, pointing out best practices and establishing an international standard for data protection and risk management.

To achieve certification, the organization must implement an Information Security Management System (ISMS), which involves everything from defining policies and responsibilities to continuously assessing and addressing risks. In addition, the company must demonstrate compliance with a set of 93 security controls provided for in the standard, covering areas such as organizational controls, personal security, physical security, technology, incident management, business continuity, and cryptographic protection. Certification is only granted after independent audits confirm that the ISMS has been effectively implemented, maintained, and improved.

The certificate is valid for three years, but the company undergoes annual audits that require improvements in the information security management system, ensuring continuous updating with best security practices. A survey by Price Waterhouse Cooper (PwC) found that ISO 27001-certified companies reduce the incidence of cybersecurity incidents by up to 39%.

“ISO 27001 is an extremely significant achievement and is aligned with Griaule's culture, in addition to strengthening its performance with large corporations and government agencies, which require this seal from their suppliers. The standardization of processes and data facilitates information sharing between organizations, improves operational efficiency, and contributes to strengthening security management, reducing the risk of security incidents that can cause financial and reputational damage," says Ribeiro, from Griaule.

About Griaule

Griaule is the largest company in the Americas specializing in biometric recognition systems. It promotes research and innovation in partnership with Unicamp and has been developing technology for over 20 years that ensures the reliability of identity cards and elections. It has also created a biometric solution for investigation used by the Federal Police, a kind of "Brazilian CSI."

The company has more than 4,000 customers in over 70 countries, including Brazil's Superior Electoral Court and the U.S. Pentagon, as well as several state governments, such as Rio Grande do Sul, Santa Catarina, and Bahia.

Griaule has twice been recognized by the Financial Times as one of the 500 fastest-growing companies in the Americas, in the "America's 500 Fastest Growing Companies" list. It was alsoa finalist for the Unicamp 2025 Entrepreneurs Award, winning the trophy in the "Highest Growth (Scale-up)" category.

Unicamp subsidiary

Griaule is a subsidiary of Unicamp. This ecosystem includes ventures founded by people who have or had ties to the University, such as students, alumni (former students), faculty, employees, or former employees, as well as startups that were incubated at Incamp or created from technology developed at the University, known asacademic spin-offcompanies. 

Inova Unicamp is now accepting registrations to map new companies in its ecosystem. Registration is free.Visit the website and learn how to make your company a Unicamp affiliate.

This content was published by the UNICAMP Ventures news portal on January 15, 2026, available at this link.