ISO/IEC 27001 is a standard for information security, published as an international standard in October 2005, and updated in 2013 by the International Organization for Standardization and the International Electrotechnical Commission.
It specifies the requirements that a company must observe in order to establish, implement and improve its own information security management system.
Inprosec has been certified in ISO 27001 since 2013 after passing a rigorous analysis by Lloyd’s Register Quality Assurance (LRQA). This fact proves Inprosec´s commitment to information security management, protecting the information it processes and worrying about maintaining and increasing the level of security achieved using an ongoing improvement plan.
The outreach of Inprosec’s Information Security Management System encompasses the activities of the organization related to SAP consulting services and information security.
Inprosec Information Security Management System is based on the following premises:
- Promote the continuous improvement, providing all the necessary resources, specially focusing on the achievement of the company’s goals.
- Comply with all the legal and regulatory requirements applicable.
- Foster the mitigation of risks and the reduction of their potential effects on Inprosec activities, which could lead to information security failures considering the loss of confidentiality, integrity and/or availability of information assets.
In order to achieve these principles, Inprosec’s management formulates security objectives and monitors them, verifying their compliance and executing actions whenever the compliance is threatened.The fact that Inprosec is certified in ISO 27001 proves to be a guarantee of the quality of the work that Inprosec develops in the area of security audits with its clients.