E-ITS and ISO27001 Advisory
OIXIO Cyber helps your company align with E-ITS (Estonian Information Security Standard) or the ISO27001 standard.
Who is it for?
The responsibility for implementing E-ITS lies primarily with Estonian public sector companies. However, implementing the ISO27001 standard is also allowed as an alternative to E-ITS. ISO27001 is a widely recognized international standard that could also be the hygiene standard for any private sector company today in managing information security and raising the level of cyber security.
What problems or needs does it solve?
Why is the Estonian Information Security Standard (E-ITS) necessary?
- Every head of an organisation is responsible for the security and continuity of their own organisation’s data and information systems! Should a cyber attack occur, it is the manager who must report to the public. By implementing E-ITS, the risk of a cyber incident can be minimized.
- Obviously, the primary responsibility for E-ITS compliance lies with the providers of vital services, but the Cyber Security Act also means that approximately 3000 institutions in Estonia need to align themselves with the new information security standard.
- The RIA actively monitors such organisations and, where necessary, imposes sanctions, publicly reporting injunctions and decisions resulting from non-compliance with E-ITS requirements. The maximum penalty payment resulting from non-compliance with E-ITS requirements may amount to €20 000 per day.
Why is the ISO27001 standard necessary?
- A systematic and comprehensive approach to implementing security governance.
- Helps companies identify and prevent security risks and mitigate business risk from cyber threats.
- It is a generally accepted international standard, which is also known and accepted outside Estonia.
- An ISO27001 certificate raises your company’s reputation and gives you a competitive advantage in the business field – it’s a simple way to prove (e.g. to external partners or customers) that your company has a high level of cyber security.
- Implementing an information security management system may seem costly initially, but in the long run, implementing ISO27001 will lead to cost savings, as the damage caused by a cyber incident is usually many times greater.
Why OIXIO Cyber?
- The OIXIO Cyber team has years of experience in information security management and implementation of various standards for both larger and smaller Estonian private and public sector companies.
- We are not only theorists, but also very strong practitioners who can actually implement the necessary measures and keep them up and running.
- OIXIO IT offers a complete IT infrastructure and cyber security solutions, making the implementation of standards much easier and faster, as everything can be done with just one partner.
How do we help?
We can help you with the implementation of the E-ITS or ISO27001 standards in several ways.
- We advise and help you prepare for a certification audit.
- We create the necessary documentation and processes.
- We develop an information security policy.
- We carry out a risk analysis and a risk management plan.
- We will identify and implement the necessary technical measures.
- We carry out internal audits.
Our experience
We have years of experience in conducting cyber security assessments and risk assessments, and in implementing and maintaining information security management systems on a day-to-day basis.
If you would like to ask any of our existing clients for feedback on our capabilities, please let us know and we will arrange a contact/meeting.