ISO 27001 – What does it mean for our company and clients
Recently we became ISO certified company thanks to the successful implementation of ISO 27001:2013 – Information Security Management System. This certificate has been awarded to us by TÜV Austria in February this year.
We spoke with Marko Arsenović, our Chief Operating Officer, about what this advancement means to our company, and, more importantly – to our clients.
What is ISO 27001 and why is it being introduced anyway?
The international ISO 27001 standard, also called the Information Security Management System, is a standard for the protection and security of information. As one of the most critical resources of today, information represents a particular value for our company. We are committed to taking care of it whether it is information about employees, projects or clients.
What does this standard actually include?
Each standard includes the definition and development of documents, policies, procedures and their implementation within the existing business of the company. ISO 27001 introduces information security policies, company security, control and classification of information and its sources, access control, secure communication and many other procedures and politics.
Who can benefit from ISO 27001 standard implementation?
The ISO 27001 standard is being introduced for the protection of the company and its business, to create greater trust among clients, build the integrity of the company and enable the protection from both internal and external factors.
By protecting the information that our company manages and processes, we protect our employees and internal projects, but also our clients and their projects and employees. This, of course, is of a great moment for JSGuru because we are an outsourcing company and our clients want to make sure they are collaborating with a trustworthy team.
Why should your new clients care for this change?
The implemented and respected ISO 27001 standard gives value to the company itself, especially in the segment of trust by new clients with whom the company has not previously communicated or done business. Cooperation with a company that has implemented the ISO 27001 standard brings several positive things for the other side: transparency, security, integrity, professionalism and business ethics with high respect for clients and their information.
You have been ISO certified by TÜV Austria. Tell us more about them.
In short, TÜV Austria is an ISO standard certification body that has issued us an official certificate confirming that our company has successfully implemented 27001 (i.e. that it has started this process by introducing a minimum of ISO 27001 requirements). The implementation of the standard is not final. This process is continually being improved, developed and refined.