GAITS is one of the first government contractors with cyber security certification ISO/IEC 27001:2005 at the corporate level
GAITS has achieved the ISO/IEC 27001:2005 (Cyber Security/Information Security) certification. The comprehensive process and audit has examined all Information Security Management systems, plans, and documentation to determine GAITS' compliance with all ISO Cyber Security requirements. GAITS has been ISO 27001:2005 Certified at the corporate level and about 115 of the nearly 400 GAITS employees work within Cyber Security. ISO 27001 is the international best practice standard for information and cyber security management systems. The basic objective of the standard is to help establish and maintain an effective information security management system, using a continual improvement approach. ISO 27001 sets standards for a broad range of reactive and proactive security areas such as:
-- Systematically examine the organization's information security risks,
taking account of the threats, vulnerabilities and impacts;
-- Design and implement a coherent and comprehensive suite of information
security controls and/or other forms of risk treatment (such as risk
avoidance or risk transfer) to address those risks that are deemed
unacceptable; and
-- Adopt an overarching management process to ensure that the information
security controls continue to meet the organization's information
security needs on an ongoing basis; as well as
-- Security Policy and Information Security Incident Management
-- Organization of Information Security
-- Asset Management and Access Control
-- Human Resources Security
-- Physical and Environmental Security
-- Communications and Operations Management
-- Information Systems acquisition, Development and Maintenance
-- Business Continuity Management and Compliance
"We have invested over 18 months and the ISO 27001:2005 Certification has been a remarkable achievement for GAITS. Cyber security is one of the highest priorities within our countries national security initiatives and with this certified methodology; it will allow us to help our federal government customers incorporate a certified cyber security process," commented Tony Asefi, CEO.
GAITS currently holds an ISO 9001:2008 and ISO/IEC 20000-1:2005 (ITIL) certification, as well as a SEI -CMMI (SW) Level II rating.
Source: GAITS