Supervisory audit of the integrated quality and information security management system

Published: 09.7.2024.

Supervisory audit of the integrated quality and information security management system

At the end of June, in Penta, a supervisory audit of the integrated quality management and information security system (ISO 9001:2015, ISO 27001:2022) was successfully conducted by ITC Universal Adria d.o.o., a company that is a representative of the British certification body ITC CERT LTD (International Testing and Certification services).

The integrated quality and information security management system is applied to the company's activities, i.e. it includes the design, development and implementation of IT systems. Penta expresses its commitment to the continuous improvement of the integrated management system, and we consider our focus on the needs of customers and their satisfaction with the service provided and implemented solutions as key challenges, according to which we measure our success and quality. Penta recognises the advantages of integrating several international ISO standards into one integrated system, which can satisfy a wider range of requirements. By properly implementing the guidelines of the ISO 9001 standard, the organisation realises a whole series of benefits that result from a successfully organised management system. The advantages are certainly the reduction of business risks, the reduction of costs related to customer complaints, a better relationship with suppliers and better and more efficient work processes. On the other hand, the ISO 27001 standard helps the organisation build an information security management system that takes into account technological aspects but also emphasises the human factor in information security. An information security system protects information from risks and threats to ensure continuity, minimise losses, and increase the cycle of opportunities and investments. Penta conscientiously and responsibly approaches the protection and insurance of its users' valuable information assets. This is done in accordance with current regulations in the field of information security and protection of personal data, contributing to the permanent building of trust among the users of its solutions.

After aligning quality and information security processes, we simplified the way our organisation works and increased efficiency in many areas, including overall business productivity. In 2020, an integrated system of environmental management (ISO 14001:2015) and occupational health and safety (ISO 45001:2018) was successfully implemented, which is regularly monitored, maintained, and evaluated year after year.

Image by Freepik