Services for assessment of compliance of information systems security management with the requirements of Lithuanian standards LST EN ISO/IEC 27001 and LST EN ISO/IEC 27002
Conformity assessment of information systems security against the requirements of Lithuanian standards LST EN ISO/IEC 27001 and LST EN ISO/IEC 27002 (ISO 27001 and ISO 27002) helps an organization properly assess whether its level of information security, including confidentiality, integrity and availability, is acceptable.
Cyber security entities: an entity that controls and/or manages information resources of the state, for example, acting as an owner and/or manager of critical information infrastructure, a provider of public communication networks and/or public electronic communication services, or a supplier of hosting and other digital services, must implement the organizational and technical cyber security requirements established in the legal acts of the Republic of Lithuania.
Failure to comply with the established organizational and technical requirements for cyber security shall result in a warning or a fine to the heads of the legal entities or other responsible persons.
The controller and the processor under the EU General Data Protection Regulation (GDPR) must implement appropriate technical and organizational measures to ensure a level of security, which can be properly implemented with an ISMS compliant with ISO 27001.
Infringements of the GDPR may result in administrative fines of up to 2–4% of the total annual worldwide turnover of the preceding financial year, or up to EUR 10 000 000 to EUR 20 000 000.
- We gather evidence and information
- We evaluate evidence and information
- We identify discrepancies
- We prepare recommendations to eliminate non-compliances
- Compliance assessed. Compliance with ISO 27001 and ISO 27002 requirements has been assessed
- Report prepared. A report on the assessment of compliance with ISO 27001 and ISO 27002 has been prepared, detailing the non-compliances identified during the compliance assessment
- Recommendations prepared. Recommendations have been prepared to address non-compliances identified during the ISO 27001 and ISO 27002 compliance assessment
- The level of information security and cyber security management of the organization and the potential risks have been assessed
- The adequacy and effectiveness of organizational and technical measures for information security and cyber security and personal data protection were assessed
- Gaps have been identified and a plan prepared to close them
- Compliance with ISO 27001 and ISO 27002 requirements is ensured
- Compliance with GDPR requirements is ensured
- A Compliance Assessment Project Has Been Finished in the State Tax Inspectorate
- Compliance Assessment Services for Government Information Resources and Communications and Information Systems Managed and Managed
- State Health Insurance Fund User Identity and Rights Management and User Registration and Control System Implementation Project
- Independent ESPBI IS (Electronic Health Services and Collaboration Infrastructure Information System) Security Audit Project of SE Center of Registers
- The Lithuanian standard LST EN ISO/IEC 27001
- The Lithuanian standard LST EN ISO/IEC 27002
- The Law of Cyber Security of the Republic of Lithuania
- The Resolution No 818 of the Government of the Republic of Lithuania of 13 August 2018 ‘On the Implementation of the Republic of Lithuania Law on Cybersecurity’
- The Code of Administrative Offences of the Republic of Lithuania
- The EU General Data Protection Regulation (GDPR)