IBA Certified to STB ISO/IEC 27001Ц2011

IBA Minsk became the first company in Belarus that certified its information security management system to the requirements of STB ISO/IEC 27001–2011 (ISO/IEC 27001:2005) standard.

On January 22, IBA Minsk participated in a special ceremony where Valery Gurevich, Director of the Belarusian State Institute for Standardization and Certification (BelGISS), handed over the certificate to Sergei Levteev, IBA Group President. The certificate is registered #1 in the Register of the National System of Conformity of the Republic of Belarus.

 

IBA certifies its information security management system to STB ISO/IEC 27001-2011

In 2012, IBA took the following steps to enhance its information security:

  • Conducted intensive training in information security for the company's employees
  • Identified the main assets of IT company and assessed IT risks
  • Developed technical requirements on protection of IT assets
  • Implemented additional measures on information protection
  • Ensured continuous monitoring of compliance with information security requirements.

IBA implemented an up–to–date system of information security management for research, design, development, production, maintenance, integration, installation, and customization of computer software. The system complies with the requirements of STB ISO/IEC 27001–2011 that is identical to the international ISO/IEC 27001:2005 standard.

The enhancement of the information security management system (ISMS) is aimed at:

  • Developing procedures and actions to ensure safety of our customers' data while implementing their corporate information systems
  • Choosing relevant tools of information security to protect information and IT assets and to ensure the trust of stakeholders
  • Providing business continuity
  • Identifying major threats to existing business processes and vulnerabilities in the information security system
  • Estimating risks and making decisions based on the company's business goals
  • Implementing the information security policy, namely monitoring weak spots and fixing them in the information security system
  • Defining personal responsibilities
  • Optimizing costs for ISMS support
  • Enhancing customer confidence and company's reputation
  • Complying with contractual obligations and regulatory requirements of legal acts
  • Maintaining proactive risk management
  • Maintaining and continuously improving ISMS
  • Confirming compliance of ISMS with the requirements of STB ISO/IEC 27001.

Sergei Levteev, IBA Group President, comments: “The certification of the IBA Information Security Management System is an important step for our company because we work with real information systems of our customers and with real data that cost many times more than the information systems. Our customers should be confident that their data are secure. All over the world, the ISMS certificate is a standard requirement for a contractor when creating information systems. Unfortunately, this is not the case in Belarus so far. Being the first company to obtain the certificate of conformity, we have become pioneers in the area and I hope that our example will serve as an urge for introduction and development of information security management systems by IT companies in Belarus.”

IBA certifies its information security management system to STB ISO/IEC 27001-2011