Design & development of an information security management system at National Center for Disease Control & Prevention (NCDC)
Apr 2018 – Jun 2019
In-line to implementation of the Electronic Integrated Disease Surveillance System (EIDSS) at NCDC Armenia, the latter was required by State Authorities to implement an information security management system and be certified against the international ISO/IEC27001 standard.
As part of the project team under Management Mix LLC, our experts provided expertise and technical support in designing, implementing, evaluating and maintaining the Information Security Management System at NCDC Armenia.
In 2018, the globally well-known TUV Rheinland conducted a certification audit at NCDC Armenia, as a result of which, the HQ, Reference Laboratory and all regional branches were awarded a certificate against ISO/IEC27001 standard. In 2019, the first surveillance audit was conducted; NCDC maintained the certificate and the expiration date was extended for another year.
- Planning & conducting diagnosis audit to evaluate the level of information security at HQ and all branches of NCDC.
- Development of a comprehensive Management system including policies, procedures, work instructions.
- Assessment of information security risks, and definition of control measures to mitigate each risk.
- Designation and establishment of the project steering management committee.
- Training & capacity building of the steering committee, middle and top managers and employees.
- Planning & conducting on-site inspections and internal audits.
- Planning & conducting review of the ISMS by Top Management.
- Support in certification audit process by a certification body.
Experts involved
- Njdeh Andreas
- Mher Manukyan
As part of the project team under Management Mix LLC.
References
Comments are closed