"GSS Group obtains the ISO / IEC 27001: 2013 certificate "
GSS Group obtains the ISO / IEC 27001: 2013 certificate demonstrating the organization's commitment to managing information security. The implementation in GSS Group of the ISO 27001 standard guarantees that the controls that exist in the organization to safeguard the information of the interested parties are adequate to protect the confidentiality, integrity and availability of the information.
ISO 27001 is an international standard issued by the International Organization for Standardization (ISO) and describes how to manage information security in a company. ISO 27001 is written by the best specialists in the world on the subject and provides a methodology to implement the management of information security in an organization. ISO 27001 has become the world's leading standard for information security and many companies have certified compliance.
For a corporation such as the GSS Group with 18 years of experience in the area of customer relationship management (contact center), the ISO 27001 certification through an independent entity consolidates its management of the security of information. In this way, the business risk is minimized by guaranteeing the existing controls to reduce the risk of security threats and to avoid that the deficiencies of the system are exploited.
In GSS Group we have implemented an integrated quality and environment system, which means that we are aligned with other management systems and integrated operation with related management standards (9001, 14001, PCI, etc.). The implementation of the ISO 27001 standard has the following results:
The harmonization with standards of management systems such as ISO 9001 and ISO 14001.
The emphasis on the continuous improvement of the information security management system processes.
Clarity in documentation and records requirements.
Processes of evaluation and management of the risks involved through the process model Plan, Do, Verify, Act (PDCA, for its acronym in English).
The protection of the assets of the company, from digital information, documents and physical assets (computers and networks) to the knowledge of employees.
In short, thanks to this certificate we managed to improve our business management and security to those interested, especially our customers. Likewise, through the appropriate risk assessment, threats to assets are identified, vulnerability and risk of occurrence are evaluated and the possible impact is estimated, so that your investment goes where it is necessary.
This widely known international security standard specifies that GSS performs the following:
We systematically assess the security risks of information, taking into account the impact of threats and vulnerabilities.
We design and implement a complete set of information security controls and other risk management mechanisms to address the security risks to which the client and the architecture are exposed.
We have a general administration process to ensure that information security controls meet our needs on an ongoing basis.
According to the CEO of GSS Group, César López, "this certificate represents a further step in the consolidation of the information management systems of our corporation, providing greater confidence and tranquility to our customers, as well as being an essential safety compliance and commitment".
As an industry specialized in managing people to manage the relationship with people, GSS Group is very sensitive to the issues of confidentiality and integrity of the data of our employees and customers.