SNP Poland (before BCC) has started implementing ISO 27001 – the latest issue of the international norm that defines the rules of Information Security Management. Currently no company in Poland has this norm yet.
ISO 27001 standard was published in the fall of 2005, replacing the British BS7799-2 norm. The system includes all the issues related to protecting the data created, stored and processed in the company. The objective of the implementation is verifying and strengthening the security with regard to the sources of potential danger, which can be either people, business processes or technologies. Implementing the system is part of procedures related to creating Business Continuity Management, which help the company to react quickly to all crises and even unpredictable disasters, eg. fire, flood or construction disaster.
Information is one of company’s key resources which ensures its proper operations and must be protected. ISO 27001, the latest and strictest norm, defines a set of requirements in confidentiality, integrity and availability of information. The clients who entrust SNP Poland with their IT systems in outsourcing along with critical data now receive the guarantee of system security and improve the stability of their business.
”Ensuring the continuity of operations of the IT systems entrusted to us while at the same time guaranteeing the security of data and confidentiality of the information processed are SNP’s top priority and the most important obligation toward our clients. Implementing the Information Security Management System that conforms with the ISO 27001 norm will be the best possible guarantee for our clients and ourselves,” said Waldemar Sokołowski, Outsourcing Department Director in SNP.
Implementing ISO 27001 concerns SNP Outsourcing Department that provides services for 30 clients. They include full SAP system outsourcing, SAP administration and SAP application service.