On 27 June 2019, the European Regulation (EU) 2019/881 “Cybersecurity Act” entered into force, aimed at providing a European framework for the cybersecurity certification of information and communications technology (ICT) goods. Cybersecurity becomes a key factor for all European companies. The requirement to prove their capability to ensure the security of the information processed and the absence of exposure to cyberattacks will become increasingly greater. This proof requires inspections, carried out by independent third parties. The more credible the assessment provided by the inspector, the greater the value given to the inspection activity carried out.
The organization is inspected to provide a clear picture of the Information security and Cybersecurity state according to the four dimensions of the “Cybersecurity Pyramid”:
The inspection is carried out in accordance with the following criteria:
Objectivity, measuring the current state of the art according to predefined parameters.
Neutrality towards partisan beliefs.
Impartiality and absence of conflicts of interest.
The organisational Cybersecurity state is documented in the Inspection Report, which is issued by an Inspection Body. It can be used by the Inspected Organization to prove its Cybersecurity Maturity to third parties (clients, partners, regulatory Bodies, Public Administration). Attestations of the authenticity and validity of the Inspection Report can be requested by sending a reasoned request, with a copy of the Report in your possession, to the Inspection Body at: OdI@gerico-sec.it.
What do we mean by inspection?
By the term Inspection we mean “the examination of process and service Information Security within a perimeter, aimed at determining the maturity and compliance level with the international best practices for information security, cybersecurity & data protection”, in particular according to the CSF – Cyber Security Framework and the National Framework for Cybersecurity and Data Protection.
Why turn to an Inspection Body compliant with the ISO/IEC 17020 standard?
The ISO/IEC 17020 standard sets out the guidelines and competency requirements for Inspection Bodies, to ensure the reliability of the services and compliance assessment activities provided to clients and supervisory authorities.
An Inspection Body compliant with the ISO/IEC 17020 standard satisfies specific and formal requirements as follows:
The Inspection Bodies act in accordance with strict formal requirements, carrying out assessments on behalf of private clients, organisations linked to them, or authorities, with the aim of attesting compliance with the technical and legal requirements set out in the law and in the Cybersecurity practices of the Market.
You can call us at +393496847531 to get to know us better