• News
• Pressroom
• Pressreleases
• 2008

S&T Bulgaria has obtained the international certificate ISO/IEC 27001:2005

Implemented Integrated Management System

In July 2008, S&T Bulgaria successfully passed the second stage of the certification audit, meeting the requirements of the internationally organized Information Security ISO/IEC 27001:2005 standard, conducted by the auditors' team of Moody International under the accreditation of UKAS.

With the completion of this stage, S&T Bulgaria has implemented an Integrated Management System, which includes the requirements of ISO 9001:2000 and ISO/IEC 27001:2005 – two standards that combine the best worldwide practices for Quality and Information Security Management.

The key concept of ISMS is for an organization to design, implement and maintain a coherent suit of processes and systems for effectively managing information security, thus ensuring the confidentiality, integrity and availability of information assets and minimizing information security risks. It is based on the PDCA model, which can be applied to all organization processes.

S&T Bulgaria is one of the first IT companies in Bulgaria to receive this certificate, which adds to the value of services offered and specific benefits, such as:
- increasing chances for participation in tenders and competitions
- enhancing the trust on behalf of clients, contractors, invenstors, employees, the management and owners of S&T Bulgaria that information they handle is reliably protected and the management system of this protection is adequate and effective
- reducing financial losses by securing business continuity; managebility, reliability and transparency of processes
- demonstrating compliance with legal and regulatory framework
- commiting to information security on all organization levels
- improving the image and increasing the reputation of the organization

This certificate is a result of the significant support and insight of S&T Bulgaria's management into the fact that information, support proccesses, systems and networks are important assets for business and they need to be properly protected and maintained.