atsec U.S. announces BS 7799 certification

2005-08-22

AUSTIN, TX – 5 August 2005 - The atsec information security corporation information security management system has been certified as compliant with BS 7799-2, the international information security management standard. atsec was proposed for BS 7799 certification by TÜV CERT following a comprehensive evaluation of atsec’s IT security practices.

Fiona Pattinson, atsec quality manager, discusses why atsec decided to seek BS 7799 certification: “Maintaining our industry reputation as a provider of evaluation and IT security consulting services requires that we ourselves maintain the very highest levels of quality and security in our own business practices. What’s more, as a global player in IT security, we particularly value international standards for their mutual recognition and interoperability across cultures. BS 7799 certification fits with both these priorities, because it enables us to demonstrate that we have planned and implemented a sustainable information security management system in accordance with a rigorous, internationally-recognized standard.”

Helmut Kurth, atsec chief scientist, addresses the role that information security management plays in managing today’s complex IT security issues: “Information security management as part of an overall risk management process will become more and more important. Only a security management system integrated with a company’s organizational structure and quality management system can provide a consistent level of security in a rapidly changing IT world. Such a system enables an organization to react fast to new vulnerabilities and address the specifics of new systems and applications to maintain a consistent level of security.”

Certification of the information security management system closely follows certification of atsec’s quality management system as ISO 9001:2000 compliant. Earning both BS 7799-2 and ISO 9001:2000 certifications is unique in the Common Criteria evaluation industry and stands as solid proof of atsec’s commitment to total quality from both a security and management point of view.

About BS 7799

BS 7799-2 (soon to be ISO/IEC 27001) and its related code of practice, ISO/IEC 17799 (which will be renumbered to ISO/IEC 27002 as part of the emerging ISO/IEC 27000 family of standards), describe an information security management standard for organizations that is quickly growing in popularity around the world. The basis for the standard is that information is an organization’s most valuable asset. As a valued asset, information must be managed and protected from internal and external threats. In order to protect its information assets, the organization must develop sustainable security measures and integrate those measures into its business processes.

About atsec information security

atsec information security is the leading provider of high-quality information security services. These include laboratory services including product evaluation, as well as general consulting in a wide range of information security areas including Information Security Management Systems (ISMS), risk management, PKI consulting, privacy assessment, and security auditing. atsec information security was founded in 2000 and operates in the U.S. and Europe, including Munich, Cologne, Austin and Stockholm.

Our information security consultants have many years of experience analyzing and setting up information security management procedures for large commercial organizations.