PROBLEMS OF ISO 27001 MATRIX CERTIFICATION
MARTIN DVOŘÁK
Martin Dvorák has been the service delivery manager at Siemens IT Solutions and Services since 2010. In addition, he is also responsible for the preparation and organisation of audits according to ISO 27001 and ISO 20000 standards. From 2008 to 2010 he worked as a software architect, focusing on the security of developed solutions. He graduated from the Faculty of Informatics and Statistics at the University of Economics, Prague.
ZORA ŘÍHOVÁ
Zora Ríhová graduated from the University of Economics, Prague, and has practical experience gained from both sides – as a customer of IT services (Head of Informatics and Organizations at Unipetrol; Information Manager at ZSE) and also the supplier of IT Services (Head of SAP Product at PVT). At Siemens IT Solutions and Services, Ltd. she worked as a Senior Project Manager to lead projects to implement large-scale information systems and is now dedicated to quality management. She is also an associate professor at the University of Economics, Prague (the Department of Systems Analysis at the Faculty of Informatics and Statistics), which deals with the system aspects of organization, process and project management issues.
PROBLEMS OF ISO 27001 MATRIX CERTIFICATION
Contribution is focused on problems of matrix certification of organization on conformity with ISO/IEC 27001 standard and definition of advantages and difficulties of this approach toward certification. The goal of this contribution is to discuss essence of matrix certification, its rationale, process and impacts on organization of audit including time and organisational demand. There are also analysed questions on process design; possibilities of alignment between selected regions and are analysed approaches of auditors and points of interest.
Publikováno: 12. 04. 2011
Hořejší nábřeží 21
150 00 Praha 5
Tel: 257 920 319-20
Fax: 257 313 695
e-mail dsm@dsm.tate.cz