Our Mission Statement.
CIS - Certification & Information Security Services GmbH is a service provider in the fields of certification of management systems and certification of individuals. For the two service areas, CIS is accredited as a Certification Body by the Austrian Ministry for Economic Affairs.
Certification of management systems is exclusively conducted while using international standards (ISO). As for certification of individuals, recognized normative documents are taken as a basis for certification. Since February 2020 CIS is also accredited as “qualified entity” according to § 17 Abs. 3 NISG by the Federal Ministry of the Interior (BMI).
In addition to accredited certifications of ISO management systems, CIS also offers audits and certifications of data centers and aims for the respective accreditation.
CIS thinks that the value of certification is characterized by the following factors:
- use of rules recognized on an international scale, e.g. ISO Standards
- accreditation granted by a competent Accreditation Body
- the principles below
CIS is an autonomous company in which no organizations have an interest. Thanks to this, CIS can freely establish its policy, its way of acting and its decisions and thus is only obliged to its customers. CIS provides services to its customers without being influenced by and depending on consulting companies, competitors or other interested parties exerting influence. CIS has striven for accreditation as a body for certifying individuals because it is convinced imparting knowledge to individuals active in organizations and certifying their competence will have an essential and sustainable effect on establishing and maintaining a management system.
CIS focuses on the range of services in the field of certification of individuals and management systems for information security and IT service management. Specific technical knowledge and experience will be directly brought in by CIS Auditors in the course of the certification process. Additional services in the field of consulting, which go beyond this, won’t be offered for reasons of impartiality.
CIS is well aware of the fact that each audit can only have a sampling character. In order to enable an independent decision about compliance with the requirements for certification in spite of this, comprehensive and traceable audit reporting is particularly important.
CIS discloses all the useful information that is relevant to certification and is not subject to confidentiality.
All the persons acting on behalf of CIS are obliged to keep facts that have come to their knowledge or information/documents viewed in strict confidence by adequate agreements.