Our Mission Statement.
CIS - Certification & Information Security Services GmbH is a service provider in the fields of certification of management systems and certification of individuals. For the two service areas, CIS is accredited as a Certification Body by Akkreditierung Austria.
Certification of management systems is exclusively conducted while using international standards (ISO). As for certification of individuals, recognized normative documents are taken as a basis for certification. Since February 2020 CIS is also accredited as “qualified entity” according to § 17 Abs. 3 NISG by the Federal Ministry of the Interior (BMI).
In addition to accredited certifications of ISO management systems, CIS also offers audits and certifications of data centers and aims for the respective accreditation.
CIS thinks that the value of certification is characterized by the following factors:
- use of rules recognized on an international scale, e.g. ISO Standards
- accreditation granted by a competent Accreditation Body
- the principles below
CIS is 100% owned by Quality Austria, a recognized organization for the certification of systems and products. CIS thus has an owner whose requirements for independence and uninfluenceability of decisions in connection with the performance of certifications correspond to those of CIS. In this sense, CIS is free to define its policy, its actions and its decisions. The provision of services to CIS customers is uninfluenced by and independent of consulting organizations, competing companies or other influential interest groups.
Decisions to grant, deny, maintain certification, extend or limit the scope of certification, renew, suspend or reinstate after suspension, or withdraw certification are made solely by CIS.
CIS - Certification & Information Security Services GmbH is financed exclusively from the revenues generated by its product portfolio. Financial contributions in the form of grants, subsidies, sponsorships, etc. are not received. In order to satisfy any liability claims arising from the fault of CIS and in accordance with the requirements of Section 12 (7) of the Accreditation Act 2012, CIS has taken out liability insurance in all countries in which it operates, in accordance with the applicable legal requirements.
CIS focuses on the range of services in the field of certification of individuals and management systems for information security and IT service management. Specific technical knowledge and experience will be directly brought in by CIS Auditors in the course of the certification process. Additional services in the field of consulting, which go beyond this, won’t be offered for reasons of impartiality.
CIS is well aware of the fact that each audit can only have a sampling character. In order to enable an independent decision about compliance with the requirements for certification in spite of this, comprehensive and traceable audit reporting is particularly important.
CIS discloses all the useful information that is relevant to certification and is not subject to confidentiality.
All the persons acting on behalf of CIS are obliged to keep facts that have come to their knowledge or information/documents viewed in strict confidence by adequate agreements.