Information security and how to achieve it

Standards represent one of the proven tools that provide the ability to protect business information and ensure its safe use, storage and exchange. The SRPS ISO/IEC 27000 series of standards, which refers to information security management, includes Serbian standards that are identical to the ISO/IEC 27000 international standards series of the same name.

The most famous among them, ISO/IEC 27001, Information security, cybersecurity and privacy protection — Information security management systems — Requirements, was updated at the end of October this year and its new version was published. Therefore, the process of amending the Serbian standard, which is currently in the final draft stage, has been initiated (https://iss.rs/sr_Cyrl/project/show/iss:proj:104705), and its adoption is expected by the end of this year. In addition, the standard SRPS ISO/IEC 27002, Information technology — Security techniques — Code of practice for information security controls, which has a new edition at the international level this year, was adopted in August as the Serbian standard SRPS ISO/IEC 27002 (https://iss.rs/sr_Cyrl/project/show/iss:proj:104706) in English. Both standards already have versions in the Serbian language in preparation, and the plan of the responsible ISS NTC I224, Identification, cards, financial activities and IT security techniques, is their adoption in the first half of 2023. 

In order to help users understand the requirements of these standards, as well as their relation to legal regulations, ISS is organizing a seminar „Information security — standard ISO/IEC 27001:2013, sector standards, legislation and European regulations“ (https://iss.rs/sr_Cyrl/training/course/show/103). This seminar is intended for managers and information security specialists, as well as everyone else who is interested in learning more about this topic, which is extremely important for the business of any modern organization.