ISO 27001

The Information Security Management System (ISMS) of Solution Technology Systems, Inc. (STSI) has been assessed and approved against the provisions of ISO 27001:2013.  This assessment and approval has been provided by National Quality Assurance (NQA), U.S.A., Accredited by ANAB (ANSI-ASQ National Accreditation Board).

STSI is committed to provide highest quality services to its customers and ISO 27001:2013 certification underlines this commitment.

STSI’S Information Security Management System Policy

 

Information is a major asset that we at STSI have a responsibility and requirement to protect. The following policy objectives were developed and implemented to ensure our and our client’s information, computers and people are protected:

  • To direct the design, implementation and management of an effective Information Security Management System (ISMS), which ensures that STSI’s information assets are properly identified, recorded, and afforded suitable protection at all times.
  • To ensure the confidentiality, integrity, and availability of STSI’s information assets, and supporting assets (including information systems) as defined within the Inventory of Assets.
  • To ensure that all vulnerabilities, threats and risks to information assets and supporting assets are formally identified, understood, assessed and controlled in accordance with STSI’s documented Risk Assessment Methodology.
  • To ensure that STSI’s employees, contractors and third-party users comply with this Information Security Policy, and all other ISMS documentation, through the provision of effective information security training, awareness and ongoing monitoring activities.
  • To ensure that STSI is able to maintain full compliance with all applicable legislation, regulations and contractual requirements., and any supporting management system certifications (for example ISO/IEC 27001:2013).

In order to fulfil these objectives, and to provide the level of control and traceability necessary to demonstrate compliance with recognized processes, it is the policy of the organization to maintain an efficient and effective IT Service Management System (IT SMS) based upon the requirements of the ISO/IEC 20000 IT Service Management Systems Standard.

ISO 9001 Registered: Quality Management