From December 2018 to February 2019, an external audit for compliance with the ISMS standard ISO / IEC 27001: 2013 was held at the Intetics offices. As a result, the certificate was successfully extended confirming that the Company’s processes comply with international safety standards.
In addition to offices that already have certification (offices in Minsk and Kharkiv on Novgorodskaya Street have been externally audited since 2010), Krakow and the head office in Naples were added to the locations.
How does the audit work?
During the year, the Company must continuously maintain a set of protective measures and collect the evidence of their work. Towards the end of the period, an internal audit is conducted. According to the results of the audit, the company eliminate the deviations that have occurred, compiles an annual report and sets goals for the next period.
Afterward, auditors from the external supervisory authority arrive at the Company (Bureau Veritas in our case) to conduct an independent evaluation. Auditors visit all locations and draw up their conclusions in the summary report. After analyzing the report, Bureau Veritas decides on the extension of certification for the next year, thereby closing the previous year and starting a new one.
Why do we need this?
The successful certification confirms the high level of information security in our company.
“Certification is extremely important not only to ensure our own security but also to continue and develop our business, as the certificate significantly increases the level of trust from our customers,” shared our CIO & DPO Sergey Tchernyshenko. “Moreover, for some of them, having a certificate is a prerequisite for collaboration indicated in contracts.”