This is an international standard concerning Information Security System Management, aimed at ensuring the security of stored and processed public information.
The standard is addressed mainly to IT companies, subcontractors of IT services, banks, educational and medical facilities, and public administration organizations. Implementation and ownership of the certified PN-ISO 27001: 2017-06 system contributes to the improvement of the organization's activities by: organically committed errors, reduction of costs related to the lack of document transparency, security of IT resources, strengthening of customer confidence, improvement of control over threats related to IT resources. Ownership of the ISO 27001: 2017-06 Certificate, depending on the industry, gives you the opportunity to obtain additional points in tenders, contract with the NFZ and apply for various types of subsidies.
The order of IMPLEMENTATION of ISO 27001:
- zero audit - a consultant / auditor gets acquainted with the functioning of the organization,
- indication and training of a person to perform the function of: Plenipotentiary for the Management of the Information Security System,
- preparation of implementation for compliance with the standard: preparation of documentation, quality records, consideration of procedures,
- auditing audit,
- preparation for the certification audit.
The ISO 27001: 2017-06 CERTIFICATION takes place in several stages:
- pre-audit - an external auditor from the selected certification body gets acquainted with the organization's documentation to check whether all the requirements of the standard have been implemented,
- the auditor assesses whether all elements of the standard have been implemented,
- audit - examining how the system functions in reality after implementation
- issuing a report,
- issuing instructions on the possibility of awarding the Certificate.
The ISO 27001: 2017-06 certificate is issued for a period of three years, in the second and third year a supervision audit is carried out. Once the three years have passed, the recertification audit is carried out. Joining this audit confirms the organization's long-term commitment to the Information Security Management System.
IF YOU ARE INTERESTED IN THE ISO 27001 CERTIFICATE
feel free to contact us: