ISO 27001/ISO27999

ISO 27001:2013 standard by the International Organization for Standardization is standard for managing information security. complying the standard proves that the organization is taking steps suitable to fill his obligations Maintaining effectively managing of information. The standard certificate is suitable for every organization.

The standard including testing of extensive information security risk survey, including the following topics:

Loss of Data.
Network protection.
Malware protection.
Un authorized entries to the system.
Ability to restore the system.

ISO Standard 27799 is a international standard for securing health information systems. The standard is based on the general standard of information security and sets out the basic of standards for enterprise information security and accepted practices for information security management. In addition to the General Information Security Standard, this standard addresses to the following:

Determining security policies and managing health information assets.
Security aspects for existing employees and hiring new ones.
Protecting the computing environment and facilities.
Establishment and management of control systems.
Restriction of access rights to networks, systems, applications and data that include personal health information.
Information Security Events management.
Safeguards, retention and recovery management during the information crash.
Paying special attention to laws and regulations when it comes to personal medical information.
Conducting internal audits and management surveys.

Primesec accompanies organizations in the process establishing the framework to comply with the standard and get the certification, including gap analysis and conduct workplan. The company combines its experience from various sectors and platforms to help its customers comply with the standard requirements while maximize its own systems abilities.