Information Security Management Systems

In accordance with the FSTEC of Russia licenses ZAO “DOCUMENT SYSTEMS” conducts activities related to the development of information systems for processing confidential information. According to this the design and implementation of integrated Information Security Management System (ISMS) for the customer’s information system is carried out on the basis of international standards ISO 17799 and ISO 27001.

In general cases, the procedure of development and implementation of information security management system consists of the following stages:

  • defining the scope of information security management system;
  • analysis of information risk, including assessment of the criticality of information resources on threats to the confidentiality, integrity and availability;
  • defining the requirements for the protection of information relevant to the current legislation, branch standards and business requirements;
  • development and design of integrated information security management system;
  • development of accompanying normative and technical documentation;
  • support of the process of information security management system implementation.

The distinguishing feature of our company's approach to the design of secure information systems is that we take into account the requirements of the best international standards in information security, as well as the requirements of Russian government regulators for processing confidential information and personal data. This allows customers to avoid extra costs for the information system restructuring when they need to obtain state certificates of compliance for processing confidential information.