1. Home
  2. /
  3. News
  4. /
  5. Ducen IT receives ISO 27001:2013 Certification for Information Security Management System (ISMS)

March 2016 – Ducen IT has been certified for the internationally recognized ISO 27001:2013 standards that endorse the company’s commitment to high standards and security controls.

This designation guarantees peace of mind to our customers who are concerned with the level of care and security measures taken to handle their data.

At Ducen, we ensure security arrangements are fine-tuned and our professionals take proactive measures to minimize security threats and vulnerabilities on an ongoing basis and handle customer’s data with utmost care.

Ducen’s Security Standards

To provide a systematic means of identifying and assessing information security risks, Ducen adopts an asset-driven risk assessment scheme to enable logical security decisions to be interwoven with the organization’s overall mission, goals, and business objectives.

At periodic intervals, Ducen analyzes and evaluates security risks associated with confidentiality, integrity, and availability of an organization’s assets, information, and data. All the asset evaluations are based on the importance of the asset to the organization’s business.

To identify the assets that require attention, total risk value is calculated based on the asset value, threat value, and vulnerability value. Risks greater than the ‘acceptable level’ deploy security controls to mitigate risks and initiate real-time monitoring of the entire security environment.

Ducen Management is committed to continually improve its ISMS through the use of information security policy, information security objectives, audit results, analysis of monitored events, corrective and preventive actions, and management reviews.

At Ducen, we conduct internal ISMS audits of the security controls and processes used in the delivery of our services and regularly implement the identified improvements, corrective and preventative actions to ensure our security standards meet ISO 27001:2013 international standard.

Benefits for Customers

ISO 27001:2013 certification is a proof of compliance and our commitment to high standards and security controls to contribute to better responsiveness to customer needs and in turn greater perceived integrity, customer confidence, and trust when handling data. There are other advantages as follows:

  • Round-the-clock monitoring to protect customer information from a range of security threats
  • Opportunity to identify security weaknesses
  • Better incident management
  • Minimize downtime and ensure business continuity
  • Minimize financial loss and reputational damage.