Information and cyber security management

Services for assessment of compliance of information systems security management with the requirements of Lithuanian standards LST EN ISO/IEC 27001 and LST EN ISO/IEC 27002


A conformity assessment of information systems security against the requirements of Lithuanian standards LST EN ISO/IEC 27001 and LST EN ISO/IEC 27002 (ISO 27001 and ISO 27002) will help to properly assess the acceptable level of information security in the organization, including confidentiality, integrity and availability.

Cyber security entities: an entity which controls and/or manages information resources of the state (for example, acting as an owner and/or manager of critical information infrastructure, a provider of public communication networks and/or public electronic communication services, or a supplier of hosting and other digital services) must implement the organizational and technical cyber security requirements established in the legal acts of the Republic of Lithuania.

Failure to comply with the established organizational and technical requirements for cyber security shall result in a warning or a fine to the heads of the legal entities or other responsible persons.

Under the EU General Data Protection Regulation (GDPR), the controller and the processor must implement appropriate technical and organizational measures to ensure a level of security, which can be properly implemented with an ISMS compliant with ISO 27001.

Infringements of the GDPR may result in administrative fines of up to 2 – 4% of the total annual worldwide turnover of the preceding financial year, or up to EUR 10 000 000 to EUR 20 000 000.


  • We gather evidence and information
  • We evaluate evidence and information
  • We identify discrepancies
  • We prepare recommendations to eliminate non-compliances


  • Compliance assessed. Compliance with ISO 27001 and ISO 27002 requirements has been assessed
  • Report prepared. A report on the assessment of compliance with ISO 27001 and ISO 27002 has been prepared, detailing the non-compliances identified during the compliance assessment
  • Recommendations prepared. Recommendations have been prepared to address the non-compliances identified during the ISO 27001 and ISO 27002 compliance assessment


  • The level of information security and cyber security management of the organization and the potential risks have been assessed
  • The adequacy and effectiveness of organizational and technical measures for information security, cyber security and personal data protection have been assessed
  • Gaps have been identified and a plan prepared to close them
  • Compliance with ISO 27001 and ISO 27002 requirements is ensured
  • Compliance with GDPR requirements is ensured

Contact person

Ernestas Lipnickas
Mobile: +370 (605) 44 444