Information Security Management System
Avineon India is certified to ISO 27001:2005 Information Security Management System standard. ISO 27001:2005 certification emphasizes Avineon's commitment to superior service which provides customers with the best comprehensive security measures deployed and also provides a means to benchmark our information security management system to international standard.
The certification audits were carried out by Det Norske Veritas (DNV) in the month of July 2005 and in fulfillment of DNV certification criteria Avineon has been awarded the ISO 27001:2005 certificate.
The scope of the certification covers "Provision of IT services related to Application Software Development and Management, Geospatial and CAD solutions, Engineering services, 3D modelling and Plant Design Automation."
Background
Avineon India receives, maintains, and transmits information that belongs to customers, employees, and service providers. Avineon is committed to the confidentiality, integrity, and availability of all such information.
Avineon India believes that through the implementation of effective information security management practices a sustained growth can be achieved by minimizing business damage and ensuring business continuity.
The rigor with which such an implementation is applied to Avineon India information systems is proportional to the assessed risk to Avineon’s business processes posed by problems with the confidentiality, integrity, or availability of the information system to Avineon business process.
Mission
'Through the application of advanced technologies, structured development methods, and effective project management, Avineon India Pvt. Ltd. (Avineon India) sets the standard for best-value engineering, geospatial and information technology solutions.'
Methodology
| |
Avineon implements this approach |
 |
Through continually assessing and understanding the risks to help establish appropriate risk management, incident management and recovery procedures |
|
Through the implementation of proper security framework to satisfy external bodies when working with sensitive data |
|
Through an increased awareness among employees of the need for proper security practices |
In view of the above, Avineon has performed an analysis of all its information assets and has appropriately developed security policies and procedures. These policies and procedures adapted are based on the maturity of the following key enablers:
Ensuring integrity and accuracy of the data in a manner consistent with the expectations of Avineon, our customers, and our employees.
Providing secure, stable computing platforms for the continued growth and profitability of the company.
Identifying and implementing required security measures within the premises to safeguard all assets.
Protecting corporate assets from fire, flood, and from misappropriation, misapplication, and vandalism.
Ensuring the ability to survive hazards.
Providing for the privacy of proprietary, trade secret, human resource, or otherwise sensitive data.
Working with key individuals to address the security of project data and defining best practice standards for security that benefit the Partner Organizations and the community as a whole.
Identifying future requirements for the project, including areas where economies of scale and standardization of security products and policies could help with cost effective maintenance and support.
Identifying applications and services that Avineon can provide to partner organizations.
Key Points
ISO 27001:2005 is a globally recognized standard to identify, manage, and reduce the range of threats. Its emphasis on safeguarding organizational assets and commitment to continuous improvement have been key differentiators to business. Overall the important concepts to remember are
|
Assurance and enhanced customer satisfaction |
|
Compliance to legal and other legislations |
|
Effective security management practices |
|
Safe and secure work environment |
|
Tested recovery and business continuity plans |
|
