Our Mission Statement.
1. General
CIS - Certification & Information Security Services GmbH is a service provider in the fields of certification of management systems and certification of individuals. For the two service areas, CIS is accredited as a Certification Body by Akkreditierung Austria.
Certification of management systems is exclusively conducted while using international standards (ISO). As for certification of individuals, recognized normative documents are taken as a basis for certification. Since February 2020 CIS is also accredited as “qualified entity” according to § 17 Abs. 3 NISG by the Federal Ministry of the Interior (BMI).
In addition to the accredited certifications at ISO management system level, CIS is also the first Austrian company to carry out accredited audits and certifications of data centres.
CIS thinks that the value of certification is characterized by the following factors:
- use of rules recognized on an international scale, e.g. ISO Standards
- accreditation granted by a competent Accreditation Body
- the principles below
2. Impartiality
CIS is 100% owned by Quality Austria, a recognized organization for the certification of systems and products. CIS thus has an owner whose requirements for independence and uninfluenceability of decisions in connection with the performance of certifications correspond to those of CIS. In this sense, CIS is free to define its policy, its actions and its decisions. The provision of services to CIS customers is uninfluenced by and independent of consulting organizations, competing companies or other influential interest groups.
Decisions to grant, deny, maintain certification, extend or limit the scope of certification, renew, suspend or reinstate after suspension, or withdraw certification are made solely by CIS.
CIS - Certification & Information Security Services GmbH is financed exclusively from the revenues generated by its product portfolio. Financial contributions in the form of grants, subsidies, sponsorships, etc. are not received. In order to satisfy any liability claims arising from the fault of CIS and in accordance with the requirements of Section 12 (7) of the Accreditation Act 2012, CIS has taken out liability insurance in all countries in which it operates, in accordance with the applicable legal requirements.
3. Competence
CIS focuses on the range of services in the field of certification of individuals and management systems for information security and IT service management. Specific technical knowledge and experience will be directly brought in by CIS Auditors in the course of the certification process. Additional services in the field of consulting, which go beyond this, won’t be offered for reasons of impartiality.
4. Responsibility
CIS is well aware of the fact that each audit can only have a sampling character. In order to enable an independent decision about compliance with the requirements for certification in spite of this, comprehensive and traceable audit reporting is particularly important.
5. Openness
CIS discloses all the useful information that is relevant to certification and is not subject to confidentiality.
6. Confidentiality
All the persons acting on behalf of CIS are obliged to keep facts that have come to their knowledge or information/documents viewed in strict confidence by adequate agreements.
Code of Conduct of CIS
If you are interested in the Code of Conduct of CIS, please check our download section or send an e-mail to office@cis-cert.com.
