Information security

Our company provides comprehensive services to prepare companies for information security certification. We also organize certification, surveillance and internal audits.

Experience

We have experience in the following areas:

  • IT / design, support
  • Banks
  • Data centers
  • Financial institutions
  • Mobile operators
  • Accounting services

Areas of work:

  • ISO/IEC 27001

    ISO/IEC 27001 «Information security, cybersecurity and privacy protection — Information security management systems — Requirements» is part of the ISO/IEC 27000 series of standards published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). It is an international standard that establishes requirements for creating, implementing, maintaining and improving an information security management system (ISMS) in the context of the organization, as well as for the continuous assessment and management of information risks.

  • ISO 20000

    ISO 20000 defines the requirements for the service management system of the service provider, the implementation of which provides guarantees of the quality of IT services for consumers.

  • ISO 9001

    The ISO 9001 standard «Quality Management Systems. Requirements» defines the requirements for an organization's quality management system. The standard is general and can be applied by any organization, regardless of its form of ownership, size, products supplied and services provided.

  • PCI DSS

    PCI DSS (Payment Card Industry Data Security Standard) is the data security standard of the payment card industry. The standard was developed by the Payment Card Industry Security Standards Council, established by the international payment systems: Visa, MasterCard, American Express, JCB and Discover.

  • SOC2

    The System and Organization Controls (SOC) 2 report is based on the Trust Services Criteria (TSC) established by the Auditing Standards Board of the American Institute of Certified Public Accountants (AICPA). The report is the opinion of an independent third-party audit firm that evaluates the organization's information systems with respect to security, availability, processing integrity, privacy and data protection.

  • HIPAA

    The Act (HIPAA) establishes requirements to protect confidential patient data by establishing standards for the electronic exchange and confidentiality and security of patient health information.

  • GDPR

    GDPR (General Data Protection Regulation) is the general regulation of the European Union for the protection of personal data. The Regulation contains the basic rules for collecting, processing and storing personal data.

  • TISAX

    TISAX (Trusted Information Security Assessment Exchange) was developed on the basis of ISO/IEC 27001 requirements for automotive industry enterprises. TISAX participants exchange information about each other's information security status, in the form of assessment results from certification bodies, through an online platform.

  • ISO 22301

    This standard establishes requirements for creating and managing an effective business continuity management (BCM) system. ISO 22301 can be applied by any organization, regardless of size, type of activity and ownership. Nevertheless, implementing the standard is especially relevant for organizations that operate in conditions of increased risk: for example, manufacturing companies that place their production in different regions, the public sector, and the fields of finance, transport and telecommunications, where the ability to continue operating is important both for the organization itself and for its customers and stakeholders.

  • Cyber Essentials

    Cyber Essentials is a UK Government program that defines a set of five controls organizations implement to achieve a baseline level of cyber security: 1) secure configuration; 2) firewalls; 3) access control; 4) malware protection; 5) patching.

  • Cloud Security Alliance (CSA) STAR

    The Cloud Security Alliance (CSA) is a non-profit organization that provides recommendations for securing cloud environments and enables potential customers to make informed decisions when moving IT operations to the cloud.

What is ISMS?

ISMS (Information Security Management System) is a set of measures for managing confidential information in the company: ensuring its security, storage, accounting and access to the company's internal documents and databases.