Infopulse - Expert Software Engineering, Infrastructure Management Services
Send message Request a call
Send message Please fill in this quick form and we will send you a free quote shortly.
* Required fields
Request a call Please fill in this quick form and we will call you back shortly.
* Required fields
Subscribe to Infopulse Newsletter Please fill in this quick form to be among the first to receive our updates.
* Required fields
Send an email to Olga Konovalova Please fill in this quick form to contact our expert directly.
* Required fields
Read the rest of the Case Study Don't miss the most interesting part of the story!
Submit this quick form to see the rest and to freely access all case studies on our website.
* Required fields

Security Management (ISO/IEC 27001)

Strict Adherence to Internationally Recognized Security Management Standards

The Infopulse-developed Information Security Management System (ISMS) is fully compliant with the ISO 27001:2013 standard.

This standard provides a model to establish, implement, operate, monitor, review, maintain, and improve a documented ISMS within the context of the overall business risks.

The ISMS is designed to ensure the selection of adequate and proportionate security controls that protect information assets and give confidence to interested parties.

Being a part of Unified Business Management System of Infopulse, ISMS is operated by qualified security managers (CISM, CISA, CISSP, PCIP) in the technology environment based on Microsoft SharePoint and Infopulse ShareProcess.

Infopulse Information Security Policy is the core document which defines the framework of ISMS.

The following processes are implemented in the Corporate Information Security Management System:

  • Access management (logical & physical)
  • Information security incident management
  • Risk management
  • Business continuity management
  • Asset management
  • Documentation and data classification and management
  • Communications and operations management (*)
  • Human resources security management
  • Information systems acquisition, development and maintenance
  • External parties management
  • Compliance with legal requirements
  • Awareness program

(*) including operational procedures and responsibilities, third-party service delivery management, system planning and acceptance, back-up, network security management, monitoring and audit

The company executive management is responsible for ensuring that all employees understand their liability and exercise all internal regulations related to security and IPR protection. Regular trainings are provided to the company employees with the focus on these topics. Each employee regularly passes the security exam.

Business continuity is maintained to ensure continuous operations of delivered services. Business Continuity Plan and Service Recovery Procedures are implemented for quick and effective response to service disruptions. Redundancy strategy is implemented (data backup, backup power generators, fault-tolerant design for IT and network equipment, 2 internet channels, equipment cold reserve, vendor equipment support). Business Continuity Management is aligned with best practices.

Physical security is provided for HQ and all delivery locations with a 24/7 security guard. The premises are protected with a state-of-the-art access control system, CCTV VoIP, and other security systems. Procedures for visitor attendance, access card management, and event handling are in place.

Security checkpoints are integrated into the IT Service management and Project management processes.

Operational security is supported by a dedicated incident response team.

Subscribe to our Newsletter