As a part of our policy for continuous information security improvement, TSD has obtained an ISO/IEC 27001:2005 . ISO/IEC 27001:2005 formally specifies a management system that is intended to bring information security under explicit management control. The adopted Information Security Management System demonstrates thorough compliance with regulatory and contractual requirements regarding data security, privacy, and IT governance.
In line with the successful acquisition of ISO 27001:2005 certificate, TSD is privileged to be able to provide services to clients from various industries, including financial, military, and others maintaining and demanding strict IT management policies, standards, and procedures.
Organizations that claim to have adopted ISO/IEC 27001 can therefore be formally audited and certified compliant with the following standards:
- Security policy – management direction
- Organization of information security – governance of information security
- Asset management – inventory and classification of information assets
- Human resources security – security aspects for employees joining, moving, and leaving an organization
- Physical and environmental security – protection of computer facilities
- Communications and operations management – management of technical security controls in systems and networks
- Access control – restriction of access rights to networks, systems, applications, functions, and data
- Information systems acquisition, development, and maintenance – building security into applications
- Information security incident management – anticipating and responding appropriately to information security breaches
- Business continuity management – protecting, maintaining, and recovering business-critical processes and systems
- Compliance – ensuring conformance with information security policies, standards, laws and regulations
