CS Computer Systems
home page contacts site map english
  »  Services & Solutions  »  IT Security Solutions  »  ISO 27001 Consultants
Services and Solutions
»   What we do
»   Computer Solutions
»   Communication Solutions
»   Audio & Video Solutions
»   IT Security Solutions
    »   Security & Data Protection
    »   ISO 27001 Consultants
»   IP Solutions
»   CRM
»   IT Consulting
»   Our Clients
Our References
We are proud of long-term relations we maintain with our clients. We are also pleased for having the privilege to work with top companies and for having contributed to their successful development.

 
ISO 27001 &  BS7799-2 Consultants Print version
It is a very demanding job to adjust internal procedures and regulations, even for organisations with a high level of security. The ISO 27001 Standard defines which security controls need to be implemented, but the way of implementation is to a large extent left to the company itself. Detailed prearrangements are needed that could last for several months.

These efforts can be minimised with the right approach and methodologies. Experts of the company CS Computer Systems have passed this demanding process and they are completely qualified with IT knowledge and familiarness of norm requirements to advise companies that would like to prepare themselves for the certification in accordance with ISO 27001.

BS7799 Consultancy according to ISO 27001 and BS7799-2

In November 2006 CS Computer Systems joined the prestigious group of global companies with the ISO 27001 Certificate as the first company in Croatia. This widely acknowledged standard of information security in the world, is developed as a response to the needs of all industry sectors, trade and public administration, in search for a common development basis and the appliance of a unique data security management system.

ISO 27001 is based on the BS7799-2:2002 Certificate by British Standards Institute which we also obtained as the first company in Croatia in 2004.

The philosophy established in norms is that for the appliance of the data security management system it is not enough to concentrate only on technology, but also to take into consideration deficiencies in business processes and risks connected to business. Therefore ISO 27001 is not only an IT standard, because information security is not only considered from the point of view of IT, but includes the corporative approach.

Advantages of certificated companies:
  • With the introduction of this standard, the company is obliged to ensure business data protection in all aspects of business in a way that it treats its own and its business partners´ data as secret, available and to protect their integrity.
  • Certificated companies round up their management concept with information security. The standard verifies whether the company has implemented and controls the information security management system at all levels.
  • All investments into information technologies are ensured by minimising the vulnerability of the IT system as the basic bearer of business data.
  • The certification also confirms that the company has adopted all relevant laws and regulations.
  • Clients and partners of certificated companies enjoy the greatest benefit, as they can confidently exchange data and are sure of being protected. The certificate increases thereby the credibility of the company and its market position.
ISO 27001 defines requirements for the establishment, appliance, maintenance and improvement of data security management systems. It regulates in detail what should be taken care of, from physical security through security procedures for employees up to information system protection.

ISO 27001 refers to data security stored or transferred in all types of formats - printed, electronic, mail, audiovisual and oral. It can be applied in companies of all size and to one department of a company as well. Taking into consideration that the Certificate requires reassessment every year, and recertification every three years, the introduction of ISO 27001 means a continuous process that requires permanent monitoring and improving.

ISO 27001 permits the implementation of additional security controls which are not comprised by the Standard, and the great advantage of the Standard is that it is adjusted to the standards ISO 9001 and ISO 14001. It can be transparently incorporated into companies which do already have implemented these standards.

Citations:

Pasko Labura, Director


”Two basic motives brought us to the certificate. The first motive was new knowledge we got through the certification procedure, increasing our competitiveness at the market. The second motive resulted from the necessity of additional business data protection. Business data are today an important asset and it is the responsibility of every company to reach a high level of information security. We are proud of CS Computer Systems being the first Croatian holder of the international certificate in information security.”

Goran Kapic, Security Department Manager


“The ISO 27001 norm put together all our knowledge about information security into one unique system, a kind of “tools box“. If the air condition gets out of order, what will happen to our servers? They will turn off. What will happen to data? They will not be accessible. What if a fire breaks out? How much time will be needed to start business again at another location? When we put together the information system according to ISO 27001 norm, all risks are reduced to a minimum and business can be started again as soon as possible.”

 
home page | our profile | services and solutions | our partners | support integrated information technologies
CS Computer Systems © 2009 | All rights reserved | Contact us