Government of India Standardisation Testing and Quality Certification Directorate Government of India
Ministry of Electronics & Information Technology
  • Logo

INFORMATION SECURITY MANAGEMENT SYSTEM (ISMS)

INFORMATION SECURITY MANAGEMENT SYSTEM (ISMS)

STQC operates third party ISMS certification scheme based on the ISO/IEC 27001 standard and offers ISMS Certification services since November 2001 to its valued clients in India and abroad.

The Certification Scheme is accredited by National Accreditation Board  for Certification Bodies (NABCB), Quality Council of India, vide Accreditation no:ISMS003.

Scope

Authorised to certify any type of organization operating in any industrial, commercial or public sectors.

Benefits of Certification

  • Public demonstration
  • Enhanced corporate image
  • A positive response from potential customers
  • Ensure management commitment
  • Drives forward improvement process

Why to Choose STQC?

  • First internationally recognized certification body in the country for Information Security Management Systems.
  • A team of competent ISMS lead auditors/auditors qualified as per international requirements.
  • Government of India organization, able to act truly as an independent third party, with high degree and confidentiality and integrity.
  • Able to offer services in a very cost effective, competent and credible manner with customer care as the focus.
  • Member of the ISO Committee responsible for development of ISO/IEC 27001 standard.

Client profile

Client profile includes IT, ITeS, Banking/ Finance, Telecom, Healthcare, Automobiles, Manufacturing, Data Center, Public sector and Government organizations.

Certification Process

isms

Documents required with Application form Client :

  • Security Policy documents
  • Statement of Applicability (SoA)
  • Scope (in case a separate document on scope and boundaries exists)

Forms (downloads)

Contact US

Name and Designation Address Phone/Email/Fax
Atul Gupta, Scientist G

STQC Directorate
Ministry of Electronics and Information Technology.
Electronics Niketan, III Floor, 6,CGO Complex,
Lodi Road,
New Delhi - 110 003

 Phone: 011 - 24301372
Email: atulgupta AT stqc.gov.in
Fax: 011 - 24363083

System And Software Audits:

1. Process Audit:

  • Requirements Processes
  • Development Processes
  • Operational Processes
  • Maintenance Processes

Audit of processes is done as per international standards/ Best practices such as ISO/IEC 12207, IEEE Software Engineering Standards, ISO 15504 (SPICE)

2. IT Infrastructure Audit:

Audit of critical IT Infrastructure deployed at Data Centre, Disaster Recovery Site, Network, Gateway, Front-Offices and Back Office locations is undertaken to verify that they are in compliance to Bill-of-Material and defined architecture. The audit also covers operationalization aspects of IT infrastructure:

  • Hardware Configuration and Operationalization Audit
  • Software Configuration and Operationalization Audit
  • Deployed Solution Architecture and Operationalization Audit
  • Gateway Audit

Support Services:

1. Support Services for Process:

Support services in setting up system & software processes like testing, configuration management, project planning etc. as per ISO/IEC 12207, IEEE Software Engineering Standards & Best Practices.

2. Support Services for Documentation:

Counselling services in development of system & software documentation such as Requirements Specification, User Manual, Plans & Reports etc.