• Compliance with best practices to minimize risk to information security.
    Compliance with best practices to minimize risk to information security.
    Friday, 18 September 2020 09:39

    Recently Konvergence achieved an important goal with ISO/IEC 27001:2013 certification.

    This international standard gives guidelines for the creation of an Information Security Management System (ISMS).

    The aim is to implement and organize information security policies by defining a system for the management, monitoring, control of business processes to ensure high levels of confidentiality, integrity and accessibility of information. The field of application is in the core business of Konvergence: design and development of software and related IT services in the retail sector.

    Achieving certification has become a strategic goal for Konvergence to increase the protection and security of managed information and improve corporate governance.

    The certification process, which started in 2019, has involved several professionals with multidisciplinary skills, proactively collaborated in the implementation of the ISMS. The process approach adopted has enabled Konvergence's ISMS to be established, implemented, monitored, reviewed, managed and improved.

    Bureau Veritas, an independent certification organization, has sent auditors to our headquarters to verify the compliance of the procedures implemented.

    Thanks to this certification, Konvergence has developed a conscious focus on information security risks, allowing a clear assignment of responsibilities for information security.

    Konvergence thus continues to consolidate one of its most important assets: security, a decisive advantage for retail operators who entrust their systems to a technology provider.

    Guerino di Giacomo, Head of Development and Projects at Konvergence says: "Undertaking the ISO 27001 certification process has brought several advantages at an organizational level: it has consolidated the global management of risks related to information and systems security, allowed a clear definition and implementation of suitable objectives for security interventions, allowing the constant monitoring of risk areas. In addition, the adoption of best practices delineated by the certification confirms Konvergence's commitment to fulfill its obligations to all stakeholders that daily enter into contracts with our company in order to ensure the necessary levels of security to protect systems, assets and data".

    Konvergence will maintain its commitment to the future by continuously improving processes and practices to protect and manage data.