SaM Solutions Obtains Certificate of Compliance with ISO/IEC 27001
We are pleased to announce that SaM Solutions has successfully passed the audit and obtained the ISO/IEC 27001 certificate, thus confirming the compliance of the company’s information security management system (ISMS) with international requirements. The audit was carried out by the German company TÜV Thüringen e.V.
What Is ISO/IEC 27001
ISO/IEC 27001 is an international standard that contains the world’s best practices regarding information security and requirements for creating, developing and maintaining ISMS. Like all ISO standards, it is based on the Deming Cycle (PDCA — Plan, Do, Check, Act).
This approach allows verifying system compliance with the requirements for internal and external audits and helps seamlessly integrate the ISMS into the overall management system of any organization.
Benefits of Acquiring the ISO/IEC 27001 Certificate
The issued certificate of compliance with ISO/IEC 27001 provides the following advantages to the company and its clients:
- Confirms the high level of information security provided by a complex of technical and organizational measures
- Enhances the company's reputation in foreign and domestic markets
- Allows for identifying security threats and eliminating them in accordance with business processes and legislation
- Provides effective system management
- Clearly defines personal responsibility
- Offers customers a guarantee of data privacy
What Has Been Done at SaM Solutions
Most of our clients are European and American companies, so we are obliged to comply with the requirements of applicable international law. One of the mandatory requirements for an enterprise is the Information Security Management System implementation.
SaM Solutions has developed and implemented the system in accordance with ISO/IEC 27001 and GDPR (General Data Protection Regulation) and integrated it with the ISO 9001 quality management system. This will help us remain competitive and guarantee each customer’s data security at all levels.
Information security guarantees are reflected in the public policies of our company:
- Information security management system policy
- Third-party information security policy
- Natural persons protection policy regarding personal data processing
- Personal data processing declaration
The created system requires the company to perform the following cycle of procedures:
- Risks management — identification and consideration of risks, development of a response strategy, change monitoring.
- Ensuring compliance with the requirements of the standard — classification of assets, implementation of physical and information security measures.
- Provision of internal audits — checking the efficiency and effectiveness of operations, confirming system compliance with laws and regulatory requirements, monitoring asset security.
- Continuous improvement — feedback from management, performance analysis and further development.
We have defined data protection requirements in our company based on the international regulatory documents, as well as on the legislation of the Republic of Belarus.
SaM Solutions’ customers can be sure that their data is in good hands, as the company complies with modern international security standards.