CROC Re-Certified to ISO/IEC 27001:2005 International Standard
OREANDA-NEWS. July 05, 2010. CROC has announced that its Information Security Management System has been re-certified to ISO/IEC 27001:2005 international standard. The audit conducted by the British Standards Institution (BSI) confirms CROC’s high level of information security.
“Information is one of the company’s key assets and its protection is a high priority. Compliance with the ISO 27001 standard allows a company to maintain and protect its information assets and, in my opinion, is important for a large number of different businesses. This certificate also guarantees a high quality of service and reliable information protection for companies which outsource information management services to a third-party supplier,” said Valery Girko, Auditor of BSI.
“CROC’s Information Security Management System is primarily based on information risk management. The fact that we regularly assess risk and develop security solutions means that our Information Security Management System is constantly being improved—a process that is recognized by annual certification renewals,” said Mikhail Bashlykov, Head of CROC’s Information Security Division.
The ISO/IEC 27001:2005, ‘Information technology, security techniques, information security management systems requirements’ international standard was developed by the International Organization for Standardization (ISO) and International Electrotechnical Commission (IEC). The standard sets requirements for the development, implementation, operation, monitoring, analysis, support, and improvement of documented Information Security Management System within the company’s existing business process environment.