The area of information security is becoming more and more important every year. Organizations have to deal with a number of risks associated with information leakage, whether from information systems or physical data leakage. It is necessary to have these risks mapped and to be able to respond to them adequately over time.
Information protection is vital for any organization. It is about protecting your knowledge, but also your reputation. In addition to these facts, it is necessary to meet the new legislative conditions, non-compliance with which may have liquidation consequences for the organization.

CeMS s.r.o., together with world-quality partners such as Eset, is able to ensure information security in accordance with legislation as well as the international standard ISO/IEC 27001 focused on the information security management system.
TISAX is a standard defining information security requirements that has been binding on suppliers to the German automotive industry since 2008. TISAX is a mechanism for evaluating and exchanging security information for organizations. Members of the automotive industry association VDA have developed a catalogue of information security requirements, which follows the requirements of the international standard ISO/IEC 27001 and reflects the specific requirements of the automotive industry.
Slovakia, as a member of the European Union, adopted a new European Parliament regulation on the protection of personal data, the so-called GDPR, in May 2018. This brings new obligations and significant changes to the organization. CeMS ensures for its customers a professional transition to the new regulation in the field of personal data protection, prepares the necessary documentation and, if necessary, also provides DPO services.
The security project defines the scope and method of technical, organizational and personnel measures necessary to eliminate and minimize threats and risks affecting the information system in terms of threats to its security, reliability and functionality. The controller, whose information system processes special categories of personal data, is obliged by law to have a security project developed.
Organizations that are fully dependent on information technology should have so-called Business Continuity Management in place. It is a set of activities that need to be performed in the event of a disruption of normal operations, accidents or other crisis situations. The organization prepares disaster recovery plans in advance for individual possible risks and thus reduces the consequences that will occur in the event of an accident or contingency situation.