OREANDA-NEWS. February 01, 2013. IBA became the first company in Belarus that certified its information security management system to the requirements of STB ISO/IEC 27001-2011 (ISO/IEC 27001:2005) standard, reported the press-centre of IBA.

On January 22, IBA Minsk participated in a special ceremony where Valery Gurevich, Director of the Belarusian State Institute for Standardization and Certification (BelGISS), handed over the certificate to Sergei Levteev, IBA CEO. The certificate is registered #1 in the Register of the National System of Conformity of the Republic of Belarus.

In 2012, IBA took the following steps to enhance its information security:

Conducted intensive training in information security for the company’s employees

Identified the main assets of IT company and assessed IT risks

Developed technical requirements on protection of IT assets

Implemented additional measures on information protection

Ensured continuous monitoring of compliance with information security requirements.

IBA implemented an up-to-date system of information security management for research, design, development, production, maintenance, integration, installation, and customization of computer software. The system complies with the requirements of STB ISO/IEC 27001-2011 that is identical to the international ISO/IEC 27001:2005 standard.

The enhancement of the information security management system (ISMS) is aimed at:

Developing procedures and actions to ensure safety of our customers' data while implementing their corporate information systems

Choosing relevant tools of information security to protect information and IT assets and to ensure the trust of stakeholders

Providing business continuity

Identifying major threats to existing business processes and vulnerabilities in the information security system

Estimating risks and making decisions based on the company’s business goals

Implementing the information security policy, namely monitoring weak spots and fixing them in the information security system

Defining personal responsibilities

Optimizing costs for ISMS support

Enhancing customer confidence and company’s reputation

Complying with contractual obligations and regulatory requirements of legal acts

Maintaining proactive risk management

Maintaining and continuously improving ISMS

Confirming compliance of ISMS with the requirements of STB ISO/IEC 27001.

Sergei Levteev, IBA CEO, comments: “The certification of the IBA Information Security Management System is an important step for our company because we work with real information systems of our customers and with real data that cost many times more than the information systems. Our customers should be confident that their data are secure. All over the world, the ISMS certificate is a standard requirement for a contractor when creating information systems. Unfortunately, this is not the case in Belarus so far. Being the first company to obtain the certificate of conformity, we have become pioneers in the area and I hope that our example will serve as an urge for introduction and development of information security management systems by IT companies in Belarus.”