Our mission statement.
1. General information
CIS – Certification & Information Security Services GmbH is an Austrian service company and has its origins in the field of certification of management systems and certification of persons. It is accredited by Akkreditierung Austria as a certification body for both service areas.
The certification of management systems is carried out exclusively under application of international standards (ISO) , in the area of persons, recognised normative documents are used as the basis for certification. Since February 2020, CIS has also been authorised by the Federal Ministry of the Interior as a qualified body for the inspection of operators of essential services in accordance with Section 17 (3) NISG.
In addition to accredited certifications at the level of ISO management systems, CIS is also the first Austrian company to carry out accredited audits and certifications of data centres.
CIS believes that the value of certification is characterised by the following premises:
- the application of internationally recognised rules of technology such as ISO standards or CENELEC standards,
- accreditation by a competent accreditation body and
- the principles described below
2. Decision and impartiality
CIS is 100% owned by Quality Austria, a recognised organisation for the certification of systems and products. CIS thus has an owner whose requirements for independence and impartiality of decisions in connection with the performance of certifications correspond to those of CIS. In this sense, CIS is free to determine its policies, actions and decisions. The provision of services for CIS customers is uninfluenced and independent of consulting organisations, competitor companies or other influential interest groups.
Decisions regarding the granting, denial, maintenance of certification, extension or limitation of the scope of certification, renewal, suspension or reinstatement following suspension, or withdrawal of certification are made solely by CIS.
CIS – Certification & Information Security Services GmbH finances itself exclusively from the income from the product portfolio. Financial contributions in the form of grants, subsidies, sponsorships, etc. are not received. In order to satisfy any liability claims arising from the fault of CIS and in accordance with the requirements of Section 12 (7) of the Accreditation Act 2012, liability insurance is in place in all countries in which CIS operates in accordance with the applicable legal requirements.
3. Expertise
CIS is focussed on the range of services in the field of certification of management systems for information security and IT service management. CIS auditors contribute their specific expertise and experience directly as part of the certification process. For reasons of impartiality, additional services in the field of consulting are not offered.
4. Responsibility
CIS is aware of the fact that each audit can only have the character of a random sample. Nevertheless, in order to be able to make an independent decision on the fulfilment of the requirements for certification, comprehensive and comprehensible audit reporting is essential.
5. Openness
CIS shall disclose all relevant information relating to certification that is not subject to confidentiality on its website.
6. Confidentiality
All persons acting on behalf of CIS are bound by appropriate agreements to strict confidential treatment of facts brought to their attention or information/documents viewed.
CIS Code of Conduct
If you are interested in the CIS Code of Conduct, you can simply download it here or send us an e-mail to office@cis-cert.com if you have any further questions.