The security of the information systems of a company is evidently a key element in order to guarantee the confidentiality of business and technical data that constitute the more important resource in the ordinary management and in the future development of the activities.
Moreover also the recently approved laws, e.g. the Italian D.L. 30 june 2003, n. 196, impose particular attention to the security measures to adopt for the protection of personal data.
Our more than 10 years experience in such field, also for the protection of the sensitive data of medical nature, allows to offer a consulting service particularly prepared in the drawing up of the Programmatic Document for the Security and in the Risk analysis, obviously in addition to the individualization of the more adapted and economic remedies for the adaptation to the requirement of law and to the most modernized normative of the field.
We can moreover supply formation courses, customized for company’s rqeuests, for the preparation of the staff to the respect of the norms and procedures of security; these courses are kept periodically at our company, held by specialized staff, but they can be also organized in the company’s premises upon request.
In adding to the Italian national norm, that is mandatory for Italy, we must surely remember the ISO 17799 norm, that it is the international standard of reference for the management of the security in the information technology filed.
Its adoption from a company allows to demonstrate of being able to guarantee the safeguard of the information managed in terms of confidentiality, integrity and availability.
It must be specified that ISO 17799, in a global view of assurance of the business continuity, minimization of the damages through prevention and reduction of the impact of the incidents against the security, takes care of the security of all informations, exceeding the borders of the IT.
The adoption of ISO 17799 from a company represents a strong signal towards a market more and more sensible to the problems of the security, it improves the image and the business prestige, until to a possible incidence on the patrimonial valuation or of the shareholder quotas, but it also reduces the operating costs of the security and increases the competitive advantages connected to the improvement of the processes, it improves the ROI on the informatics investments for a targeted focalization of such investments in the light of the analysis and of the evaluation of the risks.