Following BSI audit (delivered by BSI Management Systems CIS a subsidiary of BSI Group), Compudava's Information Security Management System (ISMS) has been registered against the requirements of ISO/IEC 27001:2005 with the UKAS (UK) accreditation mark for the following scope: “The ISMS in relation to sales, development, design, implementation, testing and delivery of software and IT solutions, consultancy and IT infrastructure processes”. There have also been conducted a strategic review of the company’s QMS and BSI MS CIS confirmed that the company operates an Integrated Management System (QMS & ISMS).
“It is an important achievement for Compudava, which required good collaboration and synchronization effort of our colleagues from various areas of the business and the ISMS was implemented successfully in the required by the board timescale”, stated Veaceslav Puscasu, the Information Security Manager, when receiving the ISO 27001 certificate.
The ISMS implementation included the following key activities:
- Establishing of a risk management framework;
- Identifying and evaluating the risks for the company;
- Adopting a risk treatment plan;
- Collecting and monitoring the effectiveness of the existing measures, of ISMS;
- Adopting the necessary documentation to support the management system.
Since the implementation and registration of QMS in 2004, it allowed the Company to grow and scale while retaining and improving the quality of the services provided confirmed by the good customer satisfaction results. Meanwhile, the company diversified its services starting to provide IT service consultancy, including in the area of Information Security Management, which led to the decision of implementing internally of ISMS. One of the objectives in implementing the ISMS was to make sure that the new management system (ISMS) is integrated with the existing QMS and that it works as one system rather than two separate ones. Thus, the ISMS was implemented based on the existing framework and it was possible to re-use best company’s practices while applying the new ones related to information security. BSI assessment methodology helped to certify that both systems operate as an integrated one.
Natalia Gorobets, BSI MS CIS General Director, commented: “Compudava team has worked extremely hard over the past year to gain this 27001 registration. The team should feel extremely proud that their commitment has helped Compudava to set an example to other organizations”.
During the assessment of Compudava the BSI Technology Manager – Keith Blackmore - was on site to witness both the assessment process and the final recommendation.
Keith stressed: "The business had implemented, and were now managing, well formulated ISMS policies and processes which will allow the business to continue to develop and expand whilst maintaining good ISMS working practices”.
“We are proud to be the first company in Moldova and one of very few in the CEE region to be issued the ISO 27001:2005 certificate, confirming high level of competence of our staff. This will enable applying the existing knowledge inside the Group in implementing management systems in UK and Romania, but also to strengthen our consultancy offering and demonstrate good practice in information security management to our customers” , concluded Vasile Nedelciuc, Compudava Chairman.
Compudava is working now towards implementing the IT Service Management best practices according to ISO 20000 standard, and planning to provide managed services to customers worldwide from our office in Chisinau as part of an integrated set of services supported by an Integrated Management System.
About BSI Management Systems
BSI Management Systems operates worldwide to provide organisations with independent third-party certification of their management systems, including ISO 9001 (Quality), ISO 14001 (Environment), OHSAS 18001 (Occupational Health and Safety), ISO/IEC 27001 (previously BS 7799 for Information Security), ISO/IEC 20000 (previously BS 15000 for IT Service Management) and Food Safety, including ISO 22000. In addition, BSI Management Systems offers a range of training services around management systems.
To find out more about BSI, please visit the websites:www.bsigroup.com, https://www.bsigroup.com/ru-RU/
Compudava SRL, part of the Endava group of companies, is a software services company with skills across Financial, Technology, Media and Telecom sectors.
Following the merger between Brains Direct, a leading supplier of Eastern European offshore software development and IT services, and Concise Group, a City-based IT consulting and services organisation, Endava was established in 2006 to create a focused IT services business to provide the highest quality IT consulting, software, sourcing and support solutions using the very best West and East European talent. Endava is aiming to be the premier provider of IT talent and advice from Emerging Europe; bringing sustainable transformation to the locations where they work, delivering domain-focused technology consulting, systems implementation and managed service solutions predominantly to the Financial, Technology, Media and Telecom sectors.
Endava provides expert domain knowledge and implementation experience in IT architecture, integration, IT security, and infrastructure managed services, with a highly skilled and cost effective software development capability from Eastern Europe, delivered via our blended sourcing approach. Endava has delivery centres in Chisinau, Moldova; Bucharest and Cluj, Romania; with clients across the UK, Europe and the USA.
For further information on Compudava, contact:email@example.com, or visit www.endava.com