News

null CSC was the subject of the ISO 27001 audit for the eighth time

CSC was the subject of the ISO 27001 audit for the eighth time

 

Does CSC meet all the numerous requirements of international ISO 27001 information security management? The answer is yes. CSC has been issued the prestigious ISO 27001 certificate for the eighth year in a row. The certificate was issued to CSC for the first time back in 2013.

Most of the leading international IT and cloud service providers have achieved ISO 27001 certification, but for computing and IT centers, ISO 27001 certification is less common.

CSC's ISO 27001 certificate covers CSC's datacenter functions, ICT platforms, IaaS cPouta and ePouta services and digital preservation services (PAS). The certificate, which is renewed annually, shows CSC's commitment to the long-term and continuous development of security.

- We decided to apply for ISO 27001 certification because it is the most valued, comprehensive and internationally known information security management certification, says Urpo Kaila, CSC's Head of Security.

- Of course, this is not the only standard, as CSC's services and systems are also constantly checked against several more technical information security requirements, Kaila explains.

As a part of the 3-day audit, 33 CSC employees from managers to experts were interviewed. The annual audit examines e.g. information security management systems, service development and management, software development, continuity and recovery, contract management and compliance. In addition to the technical aspects, the audit also looks at leadership as well as facility and personnel security.

The audit report highlighted CSC's well-established information security management systems and operational processes, which have enabled a smooth transition to remote working for both CSC's employees and its customers.

ISO 27001 certification is a strong message of CSC's commitment to responsible operations, and in some contracts it is also a requirement.

The audit report highlighted CSC's well-established information security management systems and operational processes, which have enabled a smooth transition to remote working for both CSC's employees and its customers.

- Many thanks to everyone who participated in the interviews and to an even larger number of personnel that have enabled a successful audit. Once again, we have shown how responsible and professional CSC is in the field of security and how we work together, concludes Kaila praising his colleagues.