For design, construction and maintenance of electrical installations, telemetry and automation systems; Equipment delivery, production and commissioning of the automatic system management and instrumentation, servicing and maintenance of systems and equipment; Sales, service and maintenance of IT equipment and printing systems according to ISO/IEC 27001:2013.
In order to fulfill these obligations and ensure the appropriate level of control necessary to demonstrate compliancewith the adopted processes, our policy is to maintain a functional and effective information security management system that is established, maintained and improved in accordance with the requirements of the ISO 27001 standard. Information security management system, including adopted and approved policy, statement of applicability and related documents, is published on the company server and is available to all employees.
ISO/IEC 27001 is an international standard for information security that provides requirements for information security management system (ISMS). The requirements include addressing people, processes and technology within the organisation. ISO/IEC 27001 international standard for information security, ensures that the organisations are reducing risks and threats in technology and undereducated employees regarding information security.
ISMS is a system for managing organisation information security. ISMS is a set of policies and procedures that systematically control organisation's private and sensitive data. Furthermore, it enables managing, supervising and elevating information security policies in order to prevent data breach and malicious attacks.
Information security is the foundation of today's businesses. It's important to build a safe information security system by implementing international standards for information security. ISO/IEC 27001 is developed by the best experts in field of information security. This standard's purpose is to provide efficient methodology for organisations to implement. If a certificate is granted to the organisation, it proves that an independent certification body confirmed successfully implemented information security methods. ISO/IEC 27001 prescribes how to organize information security systems in any organization, regardless of size, type, non-profit or for-profit or if it is a private or a state organisation. This standard's main goal is to provide norms for managing information security in means of protecting important data from misuse, damage or loss. This standard specifies requirements for implementing and continuously improving organization's information security management system.