Information security management system of Statistics Lithuania was certified according to LST EN ISO / IEC 27001: 2017 standard for the first time
In order to ensure the quality of statistical information and its own activities, Statistics Lithuania (SL) follows the UN Fundamental Principles of Official Statistics, provisions of the Quality Declaration of the European Statistical System (ESS) and the European Statistics Code of Practice.
A quality management system, conforming to the requirements of the ISO 9001 standard, was implemented at SL in 2007 and in 2016 it was re-certified for the fourth time in turn according to the ISO 9001:2015 version.
On 24 August 2018, in order to ensure compliance with the ESS IT safety guidelines, the Information security management system of the Statistics Lithuania was certified in accordance with LST EN ISO / IEC 27001: 2017 standard for the first time. The external auditors assessed the Information security management system of the Statistics Lithuania and determined that the Department's Information security management system complies with the requirements of the standard of LST EN ISO / IEC 27001: 2017 in the field of preparation of official statistics of the country.
LST EN ISO / IEC 27001: 2017 standard is an international standard defining the requirements for the information security management system to enable the organization to assess risks and to put in place appropriate controls to protect the confidentiality, integrity and availability of information. Compliance with the requirements of this standard confirms that the authority and its information security management system is reliable.
LST EN ISO / IEC 27001: 2017 standard covers all aspects of information management: from computer data to public speaking conversations, including physical protection and initial staff checking. LST EN ISO / IEC 27001: 2017 standard helps to ensure business continuity in almost all possible circumstances: fire, flood, burglary, missing information, breach of confidentiality requirements or even terrorism. By implementing the information security management system, Statistics Lithuania has developed and implements an information security policy that covers all methods and aspects of data storage.
Advantages of standard LST EN ISO / IEC 27001: 2017:
- the reliability, availability and confidentiality of information is ensured;
- the standard includes risk management, safety policy principles, physical and environmental safety, access control, communication and operations management, incident management, business and business continuity, resource and asset management, compliance with legislation;
- stakeholder confidence in the organization;
- management of legal and other requirements is ensured.