Transcript of DQS – your management partner
DQS – your management partner
DQS is an independent and competent partner for assessments to
internationally recognized standards, as well as to individual or
internal requirements. The notifications and accreditations DQS
holds for all relevant standards stand for international competence
and reliability. Many years of experience in their business sectors
and a high level of social competence distinguish the highly
qualified DQS auditors. During assessment procedures, they provide
valuable support for processes that are controlled, quality ready
and based on key indicators. Successful assessments and
certifications by DQS demonstrate more than conformity with the
standard referenced. Our auditors supply information on
opportunities and risks, identify improvement potential, and
provide impulses for improved performance ability.
Information Security Management
Custom assessments with a practical focus – independent and
international
DQS plans and conducts each assessment individually, in order to
achieve the maximum benefit for each customer and their individual
situation on site. As far as data protection is concerned,
particular emphasis is placed on confidentiality, availability, and
integrity. The simultaneous assessment of multiple management
systems or an integrated management system creates synergies from
the joint assessment of duplicate requirements.
Sustainable corporate success through information security
Maintenance of business continuity Transparency for customers with
stringent security requirements Improved security consciousness
within the organization Improved data and information protection
Improved confidence among interested parties Reduced risk of
liability Protection of physical security areas
Protecting information – minimizing risks
August-Schanz-Straße 21 60433 Frankfurt am Main Germany Tel. +49 69
95427-0 Fax +49 69 95427-111 info@dqs.de
Markgrafenstraße 56 10117 Berlin Germany Tel. +49 30 200543-30 Fax
+49 30 200543-50
Taubenheimstraße 24 70372 Stuttgart Germany Tel. +49 711 3807319-0
Fax +49 711 3807319-10
Imprint
Print johnen druck, Bernkastel-Kues
DQS is member of:
DQS GmbH Deutsche Gesellschaft zur Zertifizierung von
Managementsystemen
Keeping information safe is an essential premise for sustained
success in any business area – but how much attention do you pay to
it?
Many organizations still vastly underestimate the amount of risk
associated with the ever increasing volume of information traffic
and storage, both in printed or electronic format – while both risk
and volume increase simultaneously*. Today’s easy means of data
transfer and the almost carefree handling by so many users can make
you forget that this makes it just as easy for unauthorized users
to access your most valuable asset – your company data. Customer
profiles, construction plans, financial analyses – in the wrong
hands, they can become volatile information. Losing them to third
parties can threaten the very existence of an organization.
Information security, by the way, is not a new subject at all. In
order to protect information from unauthorized access in the past,
people used to develop secret languages, safeguard transports,
carefully select trustworthy messengers, and built heavy-duty
safes. Today, you don’t need much more than the correct password to
enter into the depths of any given company, to conduct transactions
under somebody else’s name, or to be given access to facilities,
buildings, or networks.
Level 1
Level 2
Level 3 Physical areas Logical areas Examples of organizational
boundaries
e.g. employees in controlling, only authorized for levels 1 and
2
e.g. top management
World Wide Web
Information security and data protection is one of the permanent
tasks of top management. The PDCA cycle of planning,
implementation, correction and action applies here, as well. The
advantage is that even these most critical tasks of an organization
can be integrated seamlessly into an existing management
system.
From analyses to certificates
In order to react correctly, though, you first have to identify the
challenge. That is why more and more companies apply a systematic
approach that provides both surety of action and legal certainty –
and that is well suited for achieving corporate goals. DQS offers
innovative assessment concepts that are fine-tuned exactly to each
customer’s individual need for security, and their objectives. The
spectrum covers anything from a brief online self-evaluation on
information security issues, all the way to the comprehen- sive
assessment and certification of an information security management
system on the basis of ISO 27001. DQS customers also benefit from
the detailed findings of data privacy audits and one-day analyses
on selected aspects, such as the security policy.
ISO 27001 – Secure information International standard for a
process-oriented management system for information se- curity
(ISMS) with a preventive and comprehensive approach. ISO 27001
systematically addresses the risks associated with information, as
well as all processes designed to ensure business continuity.
Data privacy audit – Adherence to legal requirements This
assessment takes into account the legal and customer-specific
requirements for data protection. Recommended for all organizations
that store and process personal data, whether private or public
sector. DQS Compact – Assessment of selected corporate aspects
Neutral, competent, and independent review of one specific
corporate aspect, such as validation of the security policy, legal
certainty of the website, analysis of the information processing
center’s infrastructure.
Assessments specifically designed for IT service providers
ISO 20000-1 – IT Service Management International standard for cost
effective and reliable IT service management, based on the Best
Practices Approach of the IT Infrastructure Library (ITIL®). The
assessment to ISO 20000-1 does not have to include all corporate
processes within an organization. It can be limited to selected IT
service processes and performed in several stages.
IT Service Management Processes according to ITIL® – IT
Infrastructure Library ITIL® is a Best Practice catalogue that
contains recommendations instead of require- ments. ITIL® therefore
provides no framework for certification, but it can be included as
basis of an assessment. The questionnaire that goes with it is BIP
0015; DQS applies this as well as the requirements of ISO 20000-1
in their certifications, and issues a statement of
conformity.
itSMF Seal of Approval – Benchmark for IT services Quality model
based on an approach oriented on customers and characteristics.
itSMF helps to identify those performance characteristics most
relevant to customers, as well as the overall satisfaction with the
perceived service quality.
*2010 Study on Safety Risks for German SMEs (“Gefahrenbarometer
2010”)
Information security needs organization
Possible protection areas: information security can only be
maintained where the different protection areas are
superimposed
DQS GmbH Deutsche Gesellschaft zur Zertifizierung von
Managementsystemen
Keeping information safe is an essential premise for sustained
success in any business area – but how much attention do you pay to
it?
Many organizations still vastly underestimate the amount of risk
associated with the ever increasing volume of information traffic
and storage, both in printed or electronic format – while both risk
and volume increase simultaneously*. Today’s easy means of data
transfer and the almost carefree handling by so many users can make
you forget that this makes it just as easy for unauthorized users
to access your most valuable asset – your company data. Customer
profiles, construction plans, financial analyses – in the wrong
hands, they can become volatile information. Losing them to third
parties can threaten the very existence of an organization.
Information security, by the way, is not a new subject at all. In
order to protect information from unauthorized access in the past,
people used to develop secret languages, safeguard transports,
carefully select trustworthy messengers, and built heavy-duty
safes. Today, you don’t need much more than the correct password to
enter into the depths of any given company, to conduct transactions
under somebody else’s name, or to be given access to facilities,
buildings, or networks.
Level 1
Level 2
Level 3 Physical areas Logical areas Examples of organizational
boundaries
e.g. employees in controlling, only authorized for levels 1 and
2
e.g. top management
World Wide Web
Information security and data protection is one of the permanent
tasks of top management. The PDCA cycle of planning,
implementation, correction and action applies here, as well. The
advantage is that even these most critical tasks of an organization
can be integrated seamlessly into an existing management
system.
From analyses to certificates
In order to react correctly, though, you first have to identify the
challenge. That is why more and more companies apply a systematic
approach that provides both surety of action and legal certainty –
and that is well suited for achieving corporate goals. DQS offers
innovative assessment concepts that are fine-tuned exactly to each
customer’s individual need for security, and their objectives. The
spectrum covers anything from a brief online self-evaluation on
information security issues, all the way to the comprehen- sive
assessment and certification of an information security management
system on the basis of ISO 27001. DQS customers also benefit from
the detailed findings of data privacy audits and one-day analyses
on selected aspects, such as the security policy.
ISO 27001 – Secure information International standard for a
process-oriented management system for information se- curity
(ISMS) with a preventive and comprehensive approach. ISO 27001
systematically addresses the risks associated with information, as
well as all processes designed to ensure business continuity.
Data privacy audit – Adherence to legal requirements This
assessment takes into account the legal and customer-specific
requirements for data protection. Recommended for all organizations
that store and process personal data, whether private or public
sector. DQS Compact – Assessment of selected corporate aspects
Neutral, competent, and independent review of one specific
corporate aspect, such as validation of the security policy, legal
certainty of the website, analysis of the information processing
center’s infrastructure.
Assessments specifically designed for IT service providers
ISO 20000-1 – IT Service Management International standard for cost
effective and reliable IT service management, based on the Best
Practices Approach of the IT Infrastructure Library (ITIL®). The
assessment to ISO 20000-1 does not have to include all corporate
processes within an organization. It can be limited to selected IT
service processes and performed in several stages.
IT Service Management Processes according to ITIL® – IT
Infrastructure Library ITIL® is a Best Practice catalogue that
contains recommendations instead of require- ments. ITIL® therefore
provides no framework for certification, but it can be included as
basis of an assessment. The questionnaire that goes with it is BIP
0015; DQS applies this as well as the requirements of ISO 20000-1
in their certifications, and issues a statement of
conformity.
itSMF Seal of Approval – Benchmark for IT services Quality model
based on an approach oriented on customers and characteristics.
itSMF helps to identify those performance characteristics most
relevant to customers, as well as the overall satisfaction with the
perceived service quality.
*2010 Study on Safety Risks for German SMEs (“Gefahrenbarometer
2010”)
Information security needs organization
Possible protection areas: information security can only be
maintained where the different protection areas are
superimposed
DQS GmbH Deutsche Gesellschaft zur Zertifizierung von
Managementsystemen
0 4
/2 0
1 0
DQS – your management partner
DQS is an independent and competent partner for assessments to
internationally recognized standards, as well as to individual or
internal requirements. The notifications and accreditations DQS
holds for all relevant standards stand for international competence
and reliability. Many years of experience in their business sectors
and a high level of social competence distinguish the highly
qualified DQS auditors. During assessment procedures, they provide
valuable support for processes that are controlled, quality ready
and based on key indicators. Successful assessments and
certifications by DQS demonstrate more than conformity with the
standard referenced. Our auditors supply information on
opportunities and risks, identify improvement potential, and
provide impulses for improved performance ability.
Information Security Management
Custom assessments with a practical focus – independent and
international
DQS plans and conducts each assessment individually, in order to
achieve the maximum benefit for each customer and their individual
situation on site. As far as data protection is concerned,
particular emphasis is placed on confidentiality, availability, and
integrity. The simultaneous assessment of multiple management
systems or an integrated management system creates synergies from
the joint assessment of duplicate requirements.
Sustainable corporate success through information security
Maintenance of business continuity Transparency for customers with
stringent security requirements Improved security consciousness
within the organization Improved data and information protection
Improved confidence among interested parties Reduced risk of
liability Protection of physical security areas
Protecting information – minimizing risks
August-Schanz-Straße 21 60433 Frankfurt am Main Germany Tel. +49 69
95427-0 Fax +49 69 95427-111 info@dqs.de
Markgrafenstraße 56 10117 Berlin Germany Tel. +49 30 200543-30 Fax
+49 30 200543-50
Taubenheimstraße 24 70372 Stuttgart Germany Tel. +49 711 3807319-0
Fax +49 711 3807319-10
Imprint
Print johnen druck, Bernkastel-Kues
DQS is member of:
0 4
/2 0
1 0
DQS – your management partner
DQS is an independent and competent partner for assessments to
internationally recognized standards, as well as to individual or
internal requirements. The notifications and accreditations DQS
holds for all relevant standards stand for international competence
and reliability. Many years of experience in their business sectors
and a high level of social competence distinguish the highly
qualified DQS auditors. During assessment procedures, they provide
valuable support for processes that are controlled, quality ready
and based on key indicators. Successful assessments and
certifications by DQS demonstrate more than conformity with the
standard referenced. Our auditors supply information on
opportunities and risks, identify improvement potential, and
provide impulses for improved performance ability.
Information Security Management
Custom assessments with a practical focus – independent and
international
DQS plans and conducts each assessment individually, in order to
achieve the maximum benefit for each customer and their individual
situation on site. As far as data protection is concerned,
particular emphasis is placed on confidentiality, availability, and
integrity. The simultaneous assessment of multiple management
systems or an integrated management system creates synergies from
the joint assessment of duplicate requirements.
Sustainable corporate success through information security
Maintenance of business continuity Transparency for customers with
stringent security requirements Improved security consciousness
within the organization Improved data and information protection
Improved confidence among interested parties Reduced risk of
liability Protection of physical security areas
Protecting information – minimizing risks
August-Schanz-Straße 21 60433 Frankfurt am Main Germany Tel. +49 69
95427-0 Fax +49 69 95427-111 info@dqs.de
Markgrafenstraße 56 10117 Berlin Germany Tel. +49 30 200543-30 Fax
+49 30 200543-50
Taubenheimstraße 24 70372 Stuttgart Germany Tel. +49 711 3807319-0
Fax +49 711 3807319-10
Imprint
Print johnen druck, Bernkastel-Kues
DQS is member of: