ISO/IEC 27001:2013 - Information Security Management System
ISO/IEC 27001:2013 specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organization. It also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organization.
Cassa di Compensazione e Garanzia (CC&G) holds certificate N. IT298300 and operates an Information Security Management System which complies with requirements of ISO/IEC 27001:2013 for the following scope:
The Information Security Management System for regulated processes supporting CC&G's institutional activities, with a specific focus on CCP and Risk Management services.