ISO/IEC 27001 – This is how T-Systems is certified

  1. Security Strategy
    Guidance by executive management regarding information security in the company.
  2. Security Organization
    Infrastructure to guarantee information security, classification and verification of values.
  3. Determination and Classification of Values
    Classification of information, identification and processing of information.
  4. Personnel Security
    Security for job descriptions and in the provision of resources, user training, procedures in the event of safety incidents and problems.
  5. Physical and Environmental-Related Security
    Security zones, device security, general measures.
  6. Management of Communication and Operations
    Operating procedures and responsibilities, system planning and acceptance, protection from malicious software, household organization, network management, handling and security of data carriers, exchange of information and software.
  7. Access Control
    Business requirements regarding access control, administration of the access rights of users, user responsibility, network access control, control of operating system access and system usage, mobile computing and telecommuting.