ISO 27001 - Information Security Management System

ISO/IEC 27001 is an internationally recognized standard for Information Security Management System. The standard applies to all organizations to which information is a measurable value or its protection is a legal requirement. The spectrum of these organizations is therefore very broad: companies, banks, public administration on different levels, public healthcare organizations, non-profit organizations.

Information security as defined in ISO 27001 is not limited to information stored in electronic form on your computer, but for all information processed in any form, for example: printed or written on paper, stored electronically on any medium, processed in different systems and processing environments, sent via traditional mail and e-mail, recorded in images, videos, sound or passed during a call.

Regardless of the form of information processing and the methods and tools used, the ISO / IEC 27001 standard helps organizations to create appropriate conditions for the protection of information. That should be adequate to the corresponding risk of loss, damage or declassifying information.

According to the Standard, information security should always be considered via three aspects:

confidentiality of information - understood as ensuring that only authorized persons or entities have access to the information,
integrity of information - understood as ensuring that the information is complete (does not include exclusions that may affect the proper understanding of media information),
the availability of information - understood as ensuring that authorized users have access to information at all times when it is necessary to carry out their tasks.

When all requirements of the ISO/IEC 27001 standard are met, and it can be so proven by internal audits, the organization may proceed to an external audit. This external audit should be carried out by a third party – accredited certification body.

Certification will be carried out in 2 Stages. Stage 1 covers document review and Stage 2 checks the functioning of management system within the company.

During the ISO/IEC 27001 certification the auditor will focus on reviewing:

the information security policy,
statement of applicability,
risk analysis methodology,
documented security procedures,
if the work methods and practices that are employed are in accordance with procedures and the established security goals,
that appropriate records are kept.

After positively completing the certification the Auditor shall recommend that a certificate for ISO 27001 is issued and registered.

The next steps are surveillance audits which are aimed to assure that the management system continuous to be effective, is being improved and still in compliance with ISO/IEC 27001 standard.

ISOQAR has an individual pricing approach for each Client. We take into consideration many factors before we make a proposal.

To get a proposal please complete the on-line form or call our office.

ISOQAR CEE sp. z o.o z siedzibą w Warszawie, adres: ul. Wąwozowa 11, 02-796 Warszawa, NIP 9512091016, wpisana do Krajowego Rejestru Sądowego prowadzonego przez Sąd Rejonowy w dla m.st. Warszawy, XIII Wydział Gospodarczy Krajowego Rejestru Sądowego pod numerem KRS: 0000178492, wysokość kapitału zakładowego: 50.000,00 zł

Projekt i realizacja:

Media Solutions Group&Web Development

Regulamin plików cookies

Klauzula informacyjna newsletter

In accordance with Article 13(1) and (2) of the General Data Protection Regulation of April 27, 2016 (hereinafter GDPR), I hereby inform you that:

1. The administrator of your personal data is ISOQAR CEE sp. z o.o., with its registered office in Warsaw, at ul. Wąwozowa 11, 02-796 Warsaw, NIP 9512091016, entered into the National Court Register kept by the District Court for the Capital City of Warsaw, XIII Commercial Division of the National Court Register under KRS number: 0000178492.

2. The Administrator has appointed a Data Protection Officer, Mr. Krzysztof Radtke, who can be contacted by e-mail at: iod@isoqar.pl.

3. Your personal data will be processed for the following purposes:

• To respond to a request for quotation, pursuant to Article 6(1)(f) GDPR. More information available at the link.

• To contact you for the purpose of providing marketing and commercial information, pursuant to Article 6(1)(a) GDPR.

• To pursue the Company’s legitimate interests, consisting of establishing or pursuing claims or defending against claims, pursuant to the Company’s legitimate interest (Article 6(1)(f) GDPR).

4. The recipients of your personal data will be the partners and employees of the Administrator, within the scope of their official duties and based on authorization.

5. Your personal data will not be transferred to any third country or international organization.

6. Your personal data will be stored until the end of cooperation or until you withdraw your consent.

7. You have the right to access your personal data and the right to rectify, erase, restrict processing, the right to data portability, the right to object, and the right to data portability.

8. You have the right to lodge a complaint with the supervisory authority—the Personal Data Protection Office—if you believe that the processing of your personal data violates the provisions of the GDPR.

9. Providing your personal data is voluntary, however it is necessary in order to execute the subject of the agreement / it is necessary due to specific legal provisions (the processing of personal data is a statutory requirement). If you do not consent to the processing of your personal data, the Administrator may refrain from concluding the contract.

10. Your data will not be processed in an automated manner, including profiling. This means no decisions that produce legal effects concerning you, or significantly affect you in a similar way, will be based solely on automated processing of personal data, nor will such automated decisions be made.

Cookie Policy

Cookies (so-called "cookies") are computer data, in particular text files, which are stored on the end device of the Service User and are intended for using the websites of the Service. Cookies usually contain the name of the website from which they originate, the time of their storage on the end device and a unique number.
The entity that places cookies on the end device of the Website User and obtains access to them is the operator of the Website: Isoqar
Cookies are used for the following purposes:
1. adapting the content of the Service's web pages to the User's preferences and optimizing the use of the web pages; in particular, these files enable the Service User's device to be recognized and the web page to be properly displayed, tailored to their individual needs;
2. creating statistics that help understand how Service Users use websites, which enables improving their structure and content;
3. maintaining the Service User's session (after logging in), thanks to which the User does not have to re-enter their login and password on each subpage of the Service;
4. adapting advertising content in graphic form (Display Ads) using Google Analytics remarketing
The Service uses two basic types of cookies: "session cookies" and "persistent cookies". "Session" cookies are temporary files that are stored on the User's end device until logging out, leaving the website or turning off the software (internet browser). "Persistent" cookies are stored on the User's end device for the time specified in the cookie parameters or until they are deleted by the User.
The following types of cookies are used within the Service:
1. "essential" cookies, enabling the use of services available on the Website, e.g. authentication cookies used for services that require authentication on the Website;
2. cookies used to ensure security, e.g. used to detect abuse of authentication within the Service;
3. "performance" cookies, enabling the collection of information on how the Service's web pages are used;
4. "functional" cookies, which enable "remembering" the settings selected by the User and personalising the User interface, e.g. in terms of the selected language or region from which the User comes, font size, appearance of the website, etc.;
5. "advertising" cookies, enabling the provision of advertising content to Users that is more tailored to their interests.
6. In many cases, the software used to browse websites (internet browser) allows cookies to be stored on the User's end device by default. Users of the Service may change the settings for cookies at any time. These settings may be changed in particular in such a way as to block the automatic handling of cookies in the settings of the internet browser or to inform about each time they are placed on the User's device. Detailed information on the possibilities and methods of handling cookies is available in the software (internet browser) settings. Users may block the Analytics service for display ads and customize ads in the Google advertising network in the Ads Preferences Manager. You can also download the Google Analytics blocking program from https://tools.google.com/dlpage/gaoptout/
7. The Service Operator informs that restrictions on the use of cookies may affect some functionalities available on the Service's websites.
8. Cookies placed on the end device of the Website User may also be used by advertisers and partners cooperating with the Website operator.
9. More information about cookies is available at http://wszystkoociasteczkach.pl or in the "Help" section in the web browser menu.

ISO 27001 - Information Security Management System

ISO 27001 certification

What is the cost of ISO/IEC 27001 certification?

Contact us

Site map