What can we do?
What can we do?
What can we do?
Information security
Information security management systems (ISMS) are specified in the ISO/IEC 27000 series of standards (in particular CSN EN ISO/IEC 27001:2014), including accompanying and supporting guidelines.
These are is a complete management systems that aim to enhance information security through three aspects:
-
Information integrity: ensuring accuracy and completeness
-
Availability of information: ensuring timeliness and accessibility
-
Confidentiality of information: ensuring that access is justified
ISMS applies to all organizations that need to ensure information security regarding the data they process, especially customers to whom they need to declare data security. The ISMS in place is suitable for preparation for a security audit according to the requirements of e.g. DCSO. Organizations with this certificate can demonstrate their ability to consistently apply security measures to protect investors to assure their partners of an adequate level of information security.
What we offer
-
Comprehensive services in setting up an information security management system
-
Implementation and maintenance of the management system
-
Advice and consultation according to your needs and requirements
-
Preparation of all necessary documentation according to the needs of the given ISO/IEC 27001, ISO/IEC 20000-1 standard (manual, declaration of applicability, organization chart, internal manuals, toolkits)
-
Employee training
-
Turnkey implementation of the information security management system
-
Ensuring all necessary activities related to obtaining ISO/IEC 27001 certification
-
External activities of auditors, information security managers, and cybersecurity managers
-
Comprehensive services in implementing and ensuring information protection in all its (not only legally required) forms
-
Preparation of risk analysis and implementation of appropriate measures at all levels (physical, logistical, personnel, communication, and organizational security)
-
The establishment of your organization's security policy
-
Prevention and resolution of information security incidents
-
Personnel security (human resources security) through employee training
-
The implementation and accreditation of ISO/IEC 27001 and information security management system
-
Advice and consultation according to your needs and requirements
-
Internal audits