ISO/IEC 27001 Certificate

In January 2010, SPEVACEK translation services implemented the ISO/IEC 27001 Security Management System to ensure maximum security of client data.

ISO/IEC 27001 describes the formal aspects of a management system aimed at controlling information security. Its formal nature means that the standard defines specific requirements. Organizations that adopt ISO/IEC 27001 are considered formally audited and certified as compliant with the standard.

Under ISO/IEC 27001, the management must meet the following requirements:

• Systematic review of the organization's information security risks in view of threats, vulnerabilities, and impacts;
• Design and implementation of a coherent and comprehensive suite of information security controls and/or other forms of risk management (such as risk avoidance or risk transfer) to address risks that are deemed unacceptable; and
• Adoption of an overarching management process to ensure that information security management continues to meet the organization's information security needs on an ongoing basis.