The certification body (OS) of the management systems of the State Research and Development Institute of Cyber Security Technologies provides services for the certification of Management Systems for compliance with the DSTU ISO/IEC 27001 standard "Information technologies. Information security management systems. Requirements".

The service is relevant for critical infrastructure facilities, banks, financial organizations, insurance companies and any other companies that wish to protect the information resource on which the reputation of the organization and the stability of its activities depend. Information protection is one of the key priorities if sensitive information is present in business processes. Senior management is responsible for the organization of activities (management system), and mainly for information security. The main task of information security is to establish possible threats to information (confidentiality, integrity, availability), to determine the choice of methods that will ensure data protection and full control over information resources. Requirements for the construction of an information security management system are determined by the state standard DSTU ISO/IEC 27001.

The certification body, as a third party, confirms the compliance of the management system implemented in the organization (enterprise) with the requirements of the standard. The result of the certification procedure is the issuance of a certificate of conformity. The certification body is responsible for the issued certificates and carries out supervision during its validity. In general, the validity period of the certificate is 3 years, in the future, re-certification is carried out.

The certification procedure includes conducting audits for compliance with the standard, providing recommendations, and conducting annual surveillance audits during the validity of the certificate. Works are performed by experienced auditors with the involvement of experts of the State Research and Development Institute of Cyber Security Technologies.

The certification body does not provide consulting and management system implementation.

To order certification of the management system, send a written request to the email address: cab_ictip@cip.gov.ua