Since December 2018, IT4Innovations National Supercomputing Center has been an Information Security Management System certificate holder according to the international ISO/IEC 27001:2013 (Czech version: ČSN ISO/IEC 27001:2014) standard.
The ISO 27001 certificate has been awarded for the following areas:
- Provision of national supercomputing infrastructure services,
- High-performance computing problems solutions,
- Performance of advanced data analysis and simulations,
- Processing of large data sets.
Certification according to this standard based on the PDCA cyclic method principle certifies that IT4Innovations plans, maintains, evaluates, and continually improves its information security management system. In the field of information security, it includes continual risk management, defining security policies, evaluating the efficiency of adopted measures, mitigating potential impacts, raising the security awareness of employees, managing interactions with economic operators, and securing other security aspects at the organisational and administrative, personal, physical, and cryptographic levels. The awarded certification is valid in the context of all organisational units; institutional departments and all employees. Information security is thus managed not only in the area of operation and provision of information technologies but also science, research, and administration.
This certification is subject to regular independent audit, which is performed by a certification body accredited by the Czech Accreditation Institute, a public-benefit non-profit organization. IT4Innovations thereby demonstrates that ensuring information security of all interested parties is part of its strategic security vision.