LAKE ZURICH, IL (January 6, 2026) |
Dovenmuehle Mortgage, Inc. (DMI), a leading mortgage subservicing company, announced today that it has received the ISO/IEC 27001 certification from NSF International Strategic Registrations (NSF-ISR), an NSF company. ISO/IEC 27001 defines global benchmarks for information security management systems (ISMS). Achieving this certification demonstrates that Dovenmuehle has established and maintains comprehensive, independently verified controls to identify, assess and mitigate data security risks across its operations.
The ISO/IEC 27001 certification follows the successful completion of DMI’s 2025 Service Organization Control (SOC) 1® Type 2 and SOC 2® Type 2 audits. While the SOC audits attest that specific controls exist at a given point in time, ISO/IEC 27001 indicates continuous maintenance and improvement of the company’s ISMS across operations through ongoing audits.
This accomplishment reflects DMI’s continued efforts to strengthen its technology foundation, governance practices and risk management framework, underscoring the company’s commitment to providing secure, compliant servicing solutions for its clients.
“Our clients and their borrowers trust us with their most sensitive data, and ISO/IEC 27001 certification demonstrates that we take that responsibility seriously,” said Chief Information Security Officer Art Harvey. “This achievement builds upon our SOC audits, showcasing Dovenmuehle’s proactive approach to managing information security risk through rigorous controls, transparency, and a culture of continuous improvement.”
"Through having a comprehensive set of controls, Dovenmuehle is able to better execute their business objectives knowing they have an information security management system in place,” said Tony Giles, Director of Information Security, NSF. “The certification benefits not only internal stakeholders and employees but also customers as Dovenmuehle now has controls in place to better protect data.”
DMI’s Governance, Risk and Compliance (GRC) team led the initiative to prepare for certification, with GRC Manager Daniel Maslowski overseeing the work to align controls, documentation and continuous-improvement processes across the organization.
“ISO/IEC 27001 certification validates the strength and maturity of Dovenmuehle’s information security management system and the discipline behind how we manage risk,” said Maslowski. “It reflects a yearlong effort to standardize and continuously improve our controls to better protect our clients’ and their borrowers’ most sensitive data.”