Our mission statement.
1. General information
CIS – Certification & Information Security Services GmbH is an Austrian service company and has its origins in the field of certification of management systems and certification of persons. It is accredited by Akkreditierung Austria as a certification body for both service areas.
The certification of management systems is carried out exclusively under application of international standards (ISO) , in the area of persons, recognised normative documents are used as the basis for certification. Since February 2020, CIS has also been authorised by the Federal Ministry of the Interior as a qualified body for the inspection of operators of essential services in accordance with Section 17 (3) NISG.
In addition to accredited certifications at the level of ISO management systems, CIS is also the first Austrian company to carry out accredited audits and certifications of data centres.
CIS believes that the value of certification is characterised by the following premises:
- the application of internationally recognised rules of technology such as ISO standards or CENELEC standards,
- accreditation by a competent accreditation body and
- the principles described below
2. Decision and independence
CIS is wholly owned by qualityaustria Holding GmbH. The holding company also includes other organizations, most of which offer accredited services and, in some cases, consulting services. CIS is independent of the other organizations within the holding company in its decisions relating to the implementation of certifications. The management is not subject to any instructions, in particular from the steering committee, regarding the review, recognition, and decision-making process concerning the results of conformity assessments.
CIS provides services to CIS customers without being influenced by or independent of consulting organizations, competing companies, or other influential interest groups. Decisions on the granting, refusal, maintenance of certification, extension or restriction of the scope of certification, renewal, suspension or reinstatement after suspension, or withdrawal of certification are made exclusively by CIS.
3. Expertise
CIS is focussed on the range of services in the field of certification of management systems for information security and IT service management. CIS auditors contribute their specific expertise and experience directly as part of the certification process. For reasons of impartiality, additional services in the field of consulting are not offered.
4. Responsibility
CIS is aware of the fact that each audit can only have the character of a random sample. Nevertheless, in order to be able to make an independent decision on the fulfilment of the requirements for certification, comprehensive and comprehensible audit reporting is essential.
5. Openness
CIS shall disclose all relevant information relating to certification that is not subject to confidentiality on its website.
6. Confidentiality
All persons acting on behalf of CIS are bound by appropriate agreements to strict confidential treatment of facts brought to their attention or information/documents viewed.
CIS Code of Conduct
If you are interested in the CIS Code of Conduct, you can simply download it here or send us an e-mail to office@cis-cert.com if you have any further questions.