After two days of extremely urgent and professional working, along with the coordination of departments, namely Board of Directors, Information Security Department, Human Resources Department, and Software Development Department, specialists highly appreciated the company’s efforts in complying the ISMS of ISO 27001:2013 standards. Besides, the specialists also pointed out some weaknesses that need to be improved further the information security management system being applied at the company.
The BOD of SPLUS-SOFTWARE has extremely affirmed to support the necessary resources and to promote the management system implementation and maintenance according to ISO 27001.
The ISO 27001:2013 information security management system of the Company has been certified since August 2020, certainly achieved some improvements demonstrating the interest of and the participation of the employees. The corrective actions of the certification along with the surveillance assessment in 2021 have been effective, contributing to strengthening the information security work in accordance with regulations. In addition, the company should pay attention to handling the report recommendations stated in 2022, in order to solve the risks and improve the information security ensurance system at the company. The assessment team recommends that the certification should be maintained the ISO 27001: 2013 for the ISMS management system of SPLUS-SOFTWARE” – Specialists commented.
Maintaining certification and continuing subsequent improvements on ensuring the company’s information security according to ISO 27001: 2013 standards determines the company’s commitment of ISMS to customers, and demonstrates the decision of leaders in building the professional working environment by complying with international standards.