ISO 27001 Aligned File Tools
File processing tools designed for organizations maintaining ISO 27001 certification. Zero data at rest. No server processing. No vendor risk to assess.
ISO 27001 and File Processing Tools
ISO/IEC 27001:2022 is the international standard for Information Security Management Systems (ISMS). Organizations certified to ISO 27001 must ensure all tools that handle information assets meet their security controls — including PDF and file conversion tools.
Traditional online file tools (iLovePDF, SmallPDF, Adobe Acrobat Online) upload files to their servers, creating supplier risk that must be assessed under Annex A controls. MiOffice eliminates this entirely — files never leave your device, so there is no supplier relationship for file processing to assess.
MiOffice is not ISO 27001 certified — but our architecture eliminates the information security risks that ISO 27001 controls are designed to mitigate. No data at rest, no data in transit (for files), no supplier risk.
Annex A Control Alignment
A.8.10 — Information Deletion
No information to delete. Files are processed in browser memory and released when the tab closes. No server-side storage exists.
A.8.11 — Data Masking
No data to mask. File contents never reach our infrastructure. There is no database, no log, no cache containing user file data.
A.8.12 — Data Leakage Prevention
Zero data leakage surface. Files cannot leak from our servers because they never reach our servers. Verifiable via browser DevTools.
A.5.19 — Supplier Information Security
MiOffice is not a data supplier/processor. No supplier security assessment needed for file processing — your browser is the processor.
A.5.23 — Cloud Services Security
No cloud services used for file processing. All computation happens client-side in WebAssembly. Only static page assets are served.
A.8.24 — Use of Cryptography
TLS 1.3 for page delivery. HSTS preload enforced. No file data in transit to encrypt because files never leave the device.
A.5.12 — Classification of Information
All files are treated as confidential by default — they never leave the user's device regardless of classification level.
A.8.9 — Configuration Management
No server-side configuration for file processing. Client-side WASM modules are immutable, versioned, and integrity-checked.
Applications
Merge PDF
Combine confidential documents without server exposure
Compress PDF
Reduce file sizes within your security perimeter
Protect PDF
Encrypt documents with AES-256 password protection
PDF Editor
Edit documents without cloud processing risk
Split PDF
Extract pages without full-document server exposure
PDF to Word
Convert without third-party data handling
Word to PDF
Create PDFs locally within your ISMS boundary
Excel to PDF
Convert spreadsheets without data exposure
Keep your ISMS boundary clean
Process files without adding supplier risk to your ISO 27001 scope.