The ISO/IEC 27001:2022 standard provides general requirements for the design and implementation of an information security management system and can be implemented by any organization regardless of the type, size or nature of the product/service provided.
ISO/IEC 27001:2022 certification
advantages of ISO/IEC 27001:2022 certification
- gives business partners and customers much greater confidence in the certified organisation
- ensures a reduction of the requirement for any security system assessment by partners or customers who wish to do so
- provides much simpler control over information
- identifies and controls risks that could affect the organisation’s business
- develops a framework for managing the security of its information assets, including financial information, intellectual property and employee information or information entrusted to the organisation by customers or third parties
- ensures a business continuity and disaster recovery plan appropriate to the company
The new version of the international standard ISO/IEC 27001 has been published. Find out the main changes in the documents: GAP Analysis and Transition Program in the Useful Documents section.
The certification
process
Contact us
We respond within 5 minutes of your request.
Quotation
We deliver the quotation within 2 hours.
Contract signing
We sign the contract and agree on the method of payment. We schedule the date of the audit together.
The audit
We carry out the actual audit. We prepare the necessary reports.
The certification
We check the audit documentation. We release your certificate.
frequently asked questions
What is ISO standards certification?
Certification is the verification of conformity of management systems with ISO reference standards.
This is done by a certification body.
What is ISO?
ISO is short for the International Organization for Standardization which is based in Geneva.
This organisation issues international standards generically called ISO.
How long is a certification valid?
ISO management system certifications are valid for a period of 3 years.
In the third year the recertification audit is carried out and the organisation enters a new 3-year certification cycle.
What does an audit involve?
An audit is a systematic, independent and documented activity to assess the extent to which certain requirements are met.
The audit should be seen as a tool for improvement and in addition to the objectives of any audit, the audit team should also consider identifying potential areas for improvement and will document these in the form of recommendations in the audit report, together with other findings (non-conformities or weaknesses identified).
The certification audit is organised in 2 stages:
- Reviewing the documentation and obtaining the necessary information related to the scope of the management system.
- Assessment of the functioning of the Management System on site.
Verification of the implementation and functioning of the management system in accordance with the reference standard, followed by closure of non-conformities.
We regard the audit process as a comfortable, positive, value-oriented experience – it is a collaborative, cooperative process and you are the client. An effective audit process allows management to assess its own effectiveness in controlling the company in the desired manner.
What are the detailed steps of the certification process?
Submission of the offer.
Signing the contract and agreeing the payment method.
Scheduling the audit date.
The certification audit. Preparing the necessary reports.
Verification of audit documentation and closure of non-conformities.
Issue the certificate.
Surveillance audit I. The system is found to be maintained and improved by a new audit not later than 1 year after the certification audit.
Surveillance audit II. The system is found to be maintained and improved by a new audit not later than 2 years after the certification audit.
Recertification. In order to maintain continuity, the recertification audit must be carried out before the expiry of the certificates.
What is a standard?
A standard is a document established by consensus and approved by a recognised body, which provides, for common and repeated use: rules, guidelines or characteristics for activities or their results, with the aim of achieving the optimum degree of order in a given context. (according to ISO/IEC Guide 2: 1996)
Is certification mandatory?
Certification to ISO management systems is a voluntary process.
Certification is a useful tool for company management to ensure that best practices are implemented to protect the health of customers and employees.
What criteria do you use to choose a certification body?
National and international accreditation and recognition
SYSTEMA CERTIFICATIONS carries out audits and issues certificates according to the ISO/IEC 17021:2011 accreditation standard.
The most professional ISO certification bodies are accredited by accreditation bodies recognised for their competence and performance worldwide. This accreditation is clear evidence that the certification body is carrying out its activities in the most professional way possible.
For Romania, there is RENAR, the institution that accredits certification bodies in Romania with national recognition.
Quality of service.
The attitude and professionalism of the SYSTEMA CERTIFICATIONS team are evaluated monthly by our clients.
Recommendation is one of the most important ways of promoting us. We consider the recommendation a powerful tool because it speaks about the trust our customers have in SYSTEMA CERTIFICATES team and in the services offered.
What does recertification involve?
ISO management system certifications are valid for a period of 3 years. In order to maintain continuity, the recertification audit must be carried out before the certificate expires.
What is the difference between an accredited or non-accredited certification?
Organisations that grant certifications of conformity to international standards to third parties are themselves accredited by accreditation bodies (e.g. RENAR Romania) and are therefore called accredited certification bodies.
Accreditation means that certification bodies have themselves been assessed against internationally recognised standards to demonstrate their competence, impartiality and performance capability.
Accreditation is the ability to distinguish a competent assessor who ensures that the choice of a certification or inspection body is a well-informed choice. An accredited certification body can prove to its clients that it successfully meets the requirements of international accreditation standards. The result is to reduce the risk of a client choosing and paying for an incompetent assessor, or even worse, going by results without any real basis.
Accredited ISO certification complies with the most stringent tender requirements and is recognised nationally and internationally.
SYSTEMA Certifications conducts audits and issues certificates according to the ISO/IEC 17021:2015 accreditation standard.
request a quote
SYSTEMA CERTIFICĂRI SRL este un organism independent de certificare, cu sediul în Târgu Mureș, cu peste 1.300 de clienți și 2.400 de certificate emise. SYSTEMA Certificări este o companie acreditată de către IAS (International Accreditation Service) pentru certificări în conformitate cu standardele internaționale ISO 9001, ISO 14001, ISO 13485, ISO 45001, ISO 22000, ISO 27001.
SYSTEMA Certificari © 2022 | Toate drepturile rezervate. | Developed by INFO SMART PC
