The culture of computer security requires constant efforts to protect hardware and software.
A tangible corporate asset can be protected physically to a greater or lesser extent, while data protection represents a major challenge for the company. Information security is not a simple topic, it has a thousand implications: pitfalls are around the corner, well hidden and new malware, phishing and intrusion techniques are invented every day.
That’s why we decided to take the ISO27001 certification and after a few months, which saw us engaged in this process, we officially received the news from the body that conducted the audit.
But let’s start from the beginning:
ISO/IEC 27001 is an international standard containing requirements for setting up and governing an information security management system (SGSI or ISMS, Information Security Management System).
The reasons why we chose it are mainly two:
Information security is not a simple topic, it has a thousand facets: pitfalls are around the corner, well hidden and new malware, phishing and intrusion techniques are invented every day.
The focus must be on continuous improvement every day.
I would like to take this opportunity to thank all the members of the Security Team with whom I worked closely in the preparatory activities and with whom I collaborate constantly on this topic. I would like to thank all the atonpeople who actively and tirelessly contributed to the achievement of this goal.