atsec在美国和德国成功完成监督审计

Austin and Munich – atsec information security has demonstrated its firm commitment to quality and information security by continuing and expanding certification of its management systems and evaluation labs according to international standards.

In Germany, atsec information security GmbH recently worked with BSI to undergo a surveillance level audit of its integrated management system and physical security provisions according to the ISO/IEC 17025:2005 standard. Successful completion of this audit will result in continuing certification for the Munich evaluation lab. In addition, the scope of certification was expanded to include also the atsec Cologne evaluation facility, which required close scrutiny of that operation through a separate audit by BSI.

In the U.S., atsec information security corporation, working with TÜV CERT, recently achieved a successful audit to maintain its information security management system certification according to the ISO/IEC 27001:2005 (formerly BS 7799-2) standard. In addition, the U.S. company’s quality management system was successfully audited in December 2005 by TÜV Rheinland of North America to maintain its certification against the ISO 9001:2000 standard.

atsec invests heavily in helping to develop and shape international security standards and uses these standards in its own consultancy. Earning and maintaining these standards-based certifications is solid proof of atsec’s commitment to total quality from both a security and management perspective.

About ISO/IEC 17025:2005
ISO/IEC 17025:2005 is used by laboratories in developing their management systems for quality, administrative and technical operations. The standard includes general requirements for competence to carry out tests, covering standard methods, non-standard methods, and laboratory-developed methods. It is a prerequisite for accreditation as a Common Criteria evaluation lab in Germany, the U.S. and other countries issuing internationally recognized Common Criteria certificates.

About ISO/IEC 27001:2005
ISO/IEC 27001 (formerly BS 7799-2) and its related code of practice, ISO/IEC 17799 describe an information security management standard for organizations based on the assertion that an organization’s most valuable asset is its information. As a valued asset, information must be managed and protected from internal and external threats by sustainable security measures integrated into business processes.

About ISO 9001:2000
ISO 9001:2000 is the international standard for quality management systems. The focus is on quality management; that is, what a company does to fulfill the customer’s quality requirements and applicable regulatory requirements, while enhancing customer satisfaction and achieving continual improvement of its performance in pursuing these objectives.

About atsec information security
atsec information security is an independent, standards-based IT (information technology) security consulting and evaluation services company that combines a business-oriented approach to information security with in-depth technical knowledge and global experience. atsec was founded in Munich (Germany) in January 2000 and has extensive international operations with offices in the US, Sweden, the UK, and China. atsec leverages its deep security, process, and standards expertise to consult on a wide range of IT security needs, enabling clients to establish integrated security management procedures in order to manage security risk and improve data, product, and business process reliability. atsec works with leading global companies such as IBM, HP, BMW, SGI, Vodafone, Swisscom, and RWE.