The State Operator for Non-Lethal Acquisition (DOT) has initiated preparations for the certification of its information security management system under the international standard DSTU ISO/IEC 27001:2022.
ISO 27001 is an international standard that defines the requirements for an Information Security Management System (ISMS). This standard helps organizations of any size and sector ensure the confidentiality, integrity, and availability of information, which is critical for their operations.
The State Operator has systematically worked on:
-
Implementing technical and organizational information security measures.
-
Managing information security risks.
-
Complying with legal requirements.
-
Training and raising team awareness on information security and cyber hygiene.
Certification under ISO 27001 will be a strategically important step for DOT, as it will help ensure a high level of information security, confirm the protection of supply data, and increase trust from government agencies and partners.
"Passing the audit and confirming compliance with the ISO international standard will demonstrate that DOT has built an information security management system that ensures the confidentiality, integrity, and availability of information. Additionally, the presence of the certificate will serve as a constant motivation for DOT to adhere to all existing rules and policies, as audits are retrospective and require continuous incident documentation and post-audits. We fully understand the responsibility of working with data concerning the Armed Forces of Ukraine, and as an organization, we strive to meet the highest standards in information management," said Alona Zhuzha, IT advisor at DOT.
The audit will be conducted by an accredited certification body under the National Accreditation Agency of Ukraine (NAAU), which provides auditing and certification services for management systems according to international standards.
