Tilaa wants to underline that it’s taking data security and quality insurance very seriously. That why we’ve started a project to certify for ISO 27001 (Information security) , PCI-DSS (Payment industry data security) and ISO 9001 (Quality assurance). The goal is to get certified for these standards in the first half of 2014.
ISO 27001 (Information security):
A standard developed by the International Organization of Standardization (ISO), that ensures a implementation of a information security management system (ISMS). ISO 27001 is seen as an international benchmark for the level of data security within a company. ISO 27001 uses a topdown, risk-based approach and will contain:
1. Risk assessment
2. Security policy
3. Organization of information security
4. Asset management
5. Human resources security
6. Physical and environmental security
7. Communications and operations management
8. Access control
9. Information systems acquisition, development and maintenance
10. Information security incident management
11. Business continuity management
PCI-DSS (Payment Industry Data Security Standard):
This standard is developed by four major credit card companies, (MasterCard, Visa, American Express and Discover) and is intended to protect cardholders against misuse of their personal information. PCI-DSS has 6 main objectives.
1. To have a completely secure network
2. Securely store credit card and cardholder information
3. Protection agains malicious software and viruses
4. System access control and restriction
5. Network monitoring
6. Implementation and documentation of strict security policies
ISO 9001 (Quality Management):
A standard developed by the International Organization of Standardization. (ISO) The goal of this standard is to ensure customer satisfaction trough deliverance of quality products and services.
The upcoming weeks we will do an internal audit with Noordbeek BV, a company specialized in IT audit services for these standards.