A secure environment for your data
Nowadays data is the most important asset of any business. Because we want to manage your information in the best way possible we have chosen to obtain the ISO 27001 certification. Research shows that cybercrime is seen as the biggest threat to companies today. We must not, of course, remind you of the damage from WannaCry and Petya. With the ISO 27001 standard we can guarantee that your information is securely managed, both online and offline.
The ISO 27001 is the fastest growing standard in a society in which data is the most important good. It is a process-based approach to identify, deploy, execute, monitor, maintain and improve information security. When you achieve the certificate you can prove that your organisation meets the international standards for securing information. It is our purpose to be able to demonstrate that Tigron lives up to the highest possible requirements when it comes to your most precious good.
The road to ISO 27001
The process to obtain the certificate begins with a baseline assessment. It gives you insight into the current situation of your organisation and what it takes to fulfil the requirements of the ISO standard. The next step is a risk analysis that you can achieve by using the ISO 27002, which is a add-on on the ISO 27001. The goal of the risk analysis is to take the necessary measures for securing the information. There is, of course, always taken into account the cost of the implementation and the risk. If you have gone through all this you can set up a ISM(Information Security Management). Usually the ISM contains following elements:
- Policy (management)
- Organizational (responsibilities)
- Business resources (infrastructure, network, systems and other operating resources)
- Personnel(House rules, errors, theft, fraud, abuse)
- Physical (locks, fire protection)
- Communication and operation (management of systems, processes and procedures)
- Access control (password, biometrics)
- System and software development and maintenance (documentation, processes)
- Continuity (emergency services)
- Regulation (Law Computer Crime, Data Protection Act)
When all these checks are done you will have a system that perfectly suits your organisation. The management of the company will then draw up a declaration of conformity that will serve as a starting point in order to get certified.
Tigron is already preparing for optimal information security. Once the internal audits have taken place and the necessary improvements have been made the certificate can be obtained. Finally, it is our goal to show you that your information is protected according to the highest international standards.