Dedicated to our commitment to excellence, at Motiva Consulting, since 2012, we have
renewed the ISO 20000 (IT Technology Services Management) and, from 2011, the ISO
27001 (Information Security Management).
We have a management system audited twice a year by external certification authorities: one according to the processes established by ISO 20000 and another according to ISO 27001 controls.
Those two ISO standards represent the two most prestigious international standards of good practices, subject of worldwide implementation for the information technology service providers.
ISO 27001 CERTIFICATE – INFORMATION SECURITY
At Motiva Consulting we are aware that information is one of the main assets of the
companies, because we handle and save greater quantity of sensitive and confidential
data in our systems every day, and that we need to keep them accessible and secure.
To ensure the security of the information we handle, Motiva Consulting has had ISO
27001 standard since 2011.
The ISO 27001 contemplates the creation of an Information Security Management System (ISMS) that allows to know, manage and minimize the risks related to the information security in a systematic and efficient way.
The adequate implementation and certification of this framework offers a confidentiality guarantee, the integrity and availability of the stored data.
The certification of an Information Security Management System generates client confidence and improves Motiva’s efficiency.
This standard, developed by the International Standards Organization (ISO) in 2005 was born with the aim to ensure the information security in companies. Its framework was revised in 2013 and modifications were implemented following the previous experience of standards use.
What are the ISMS objectives according to ISO 27001:2013
- To protect information and ensure its security.
- To identify the risks resulting from information storage.
- To facilitate the understanding of the standard and its integration with other management systems.
- To minimize the risks inherent to information security (data loss, theft, corruption, etc.)
- To ensure its legal compliance.
- To reduce costs and to improve operating processes.
- To generate client confidence ensuring good management of data entrusted to your organization thanks to its international recognition.
- To develop a competitive advantage for companies.
- To motivate personnel and raise awareness of the importance of information security.
- To improve organization’s efficiency.
ISO 20000 CERTIFICATE – IT SERVICES MANAGEMENT
The ISO 20000 standard covers IT services management. It allows an organization to
orientate its information technology services to the needs of internal or external clients,
ensuring a quality and efficient service. This standard is based on a set of concepts and
practices for the management of the Information Technology Infrastructure Library (ITIL).
Adopting this standard basically aims at delivering a service of the highest quality either
to the organization itself either to external clients.
The ISO 20000 standard contributes to achieve performance of IT services with minimum requirements aimed at labour organizations and also delivers a global recognition by an independent third party.
Benefits of the ISO 20000 Standard:
- To protect the image of the company and manage IT services risks to third parties.
- To improve IT services with the organization itself.
- To minimize response time in the event of an incident and to improve the results and the operation of technology applications.
- To demonstrate that procedures and adequate controls are on the premises to deliver a coherent quality IT service at effective costs.
Summary of the SIG Policy
The “Implementation and Certification of ISO 27001 Standard in SMEs” project has been co-financed by the Ministry of Industry, Tourism and Trade as part of the National Plan for Scientific Research, Development and Technological Innovation 2008-2011 and by the European Regional Development Fund (ERDF), (TSI-020514-2009-88).