Information Security Management System audit (ISO/IEC 27001)
Information security is an integral part of any organisation.
In the activities of public institutions and businesses, we implement methods for effective protection against threats to valuable and often legally protected data. Information security management should be integrated with other processes in the organisation, while ensuring the proper effectiveness of organisational and technical security.
An audit of the Information Security Management System in accordance with ISO/IEC 27001 enables an independent assessment to be carried out by ISO/IEC 27001 certified auditors who are accredited by IRCA (International Register of Certified Auditors) and the Polish Centre for Accreditation of ISO/IEC 27001 Lead Auditors.
In particular, an organisation needs an audit if:
- it has implemented an Information Security Management System within the meaning of ISO/IEC 27001 standard
- it is a public institution and is subject to the requirements of: the Regulation of the Council of Ministers of 12 April 2012 on the National Interoperability Framework, minimum requirements for public registers and exchange of information in electronic form, and minimum requirements for ICT systems,
- it is a company or a public institution that is a subject to the requirements of the Act of 5 July 2018 on the National Cybersecurity System.
We have been auditing for over 15 years
We know how and what to ask to obtain an objective picture of the situation. Take a look at our client list and ask us about our experience. Find out what you can achieve by effectively managing your audit programme.
