ISO/IEC 27001:2013

ISO/IEC 27001 Information Management System


In our knowledge-based economy, information is invaluable.
ISO/IEC 27001 is a standard providing requirements for an information security management system (ISMS).

Using this standard will help your organization manage the security of assets such as financial information, intellectual property, employee details or information entrusted to you by third parties.

What is an ISMS?
An ISMS is a systematic approach to managing sensitive company information so that it remains secure. It covers people, processes and IT systems, and applies a risk management process.
We offer certification of ISMS for the following fields:

  • IT services,
  • Software engineering,
  • Database and data management services,
  • IT security services,
  • Finance,
  • E-commerce.

ISO/IEC 27001 requires that management:

  • Systematically examine the organization’s information security risks, taking account of the threats, vulnerabilities, and impacts;
  • Design and implement a coherent and comprehensive system of information security controls and/or other forms of risk treatment (such as risk avoidance or risk transfer) to address those risks that are deemed unacceptable; and
  • Adopt an overarching management process to ensure that the information security controls continue to meet the organization’s information security needs on an ongoing basis.

The advantages of an ISMS:

  • Safety of information,
  • Harmony with other management standards (ISO 9001, ISO 14001),
  • A certified ISMS strengthens and increases trust in the organization, decreases risks and related costs, and helps it conform to regulations and legal requirements.