Nowadays, information is one of the priority resources which often decides about the final success, and modern organizations acquire, accumulate and process an increasing amount of information. The loss or unauthorized use of information entails not only business-related but also image-related losses.
Additionally, regardless of whether an organization is an economic or public entity, it must meet numerous legal, organizational and technical requirements in the field of processed information protection. These include, among others, the Act on combating unfair competition, the Act on protection of personal data, the Labour Code or the Penal Code. Subsequent legal requirements for the protection of information impose on individual organizations specific legal acts related to the nature of their activities. This concerns work-related secrets such as trade, banking, brokerage, statistical, medical, etc.
Among legally protected information, the most common is personal data (employees and clients), which is processed in virtually every organization. What is the guarantee that all necessary legal requirements related to information protection are met?
Having an implemented and maintained Information Security Management System in accordance with the PN-EN ISO 27001 standard is a guarantee that information security management processes are carried out correctly and guarantee full safety, meeting the requirements of Polish legislation. Additionally, the implementation of the standard’s recommendations is the starting point to meet the requirements of GIODO.
Inprogress sp. z o.o. has developed a comprehensive offer that includes:
– designing a unique Information Security Management System that is adapted to the needs of a specific organization, while meeting the requirements of ISO/IEC 27001:2014,
– making system documentation,
– providing consultancy assistance during the implementation of the System into the organization’s practice,
– preparing the organization for an external certification audit.
Our offer in the field of Information Safety in accordance with ISO 27001 includes:
Performing an information safety audit (also in a partner or executive organizations, or an organization with which you plan to cooperate, but it is necessary to obtain information on how to secure the entrusted information).
As part of the offer, our specialists will prepare a report containing, among others:
We also perform:
Conducting internal audits is the responsibility of an organization with any management system based on ISO standards.
One of the basic requirements for performing audits is the obligation of the auditor’s independence from the area being verified. In most organizations, it is very difficult to maintain such objectivity – after all, an audit employee is an employee of the company in which he performs the audit. He verifies the work of his colleagues with whom he spends a lot of time. How can he really be objective in this situation?
Inprogress sp. z o.o. offers the service of performing audits in organizations as a completely independent entity.
At the same time, we take over the functions of an internal auditor (auditors, audit teams), and the very performance of audits becomes an outsourcing process.
As part of the service we perform:
Provision of maintenance and development services of the Information Security Management System
As part of the service, Inprogress sp. z o. o. offers comprehensive services related to the maintenance and development of the ISO systems.
Thus, all tasks related to the work performed by the management representative for the management system can be transferred outside the organization to an entity with relevant experience, knowledge, tools, techniques and technology necessary to maintain and develop your systems.
This way, the scope of the classically understood outsourcing has been expanded to include a new industry – ISO systems, and you can benefit from the advantages of this solution, reducing costs, increasing profitability and purposefulness of your business, as well as focusing on new challenges.
During the service, Inprogress sp. z o.o. will carry out all activities necessary to maintain and develop your ISO systems.
Our service is not only the money you can save, but also a faster and more efficient way of operating, engaging your attention only at key, pre-defined and agreed decision-making points.
As an expert external entity, in addition to standard activities related to maintenance and development of the systems, we indicate all gaps where the processes can be optimized in the context of more efficient operation of your organization.
Our service saves money, time, your energy and is a guarantee of reliability.
Advantages of implementing an Information Security Management System in accordance with ISO/IEC 27001:2014
Do you want to get the information about discounts and news in Inprogress? Leave us your e-mail and stay up-to-date!