Our data is secure with ISO certification. Yours can be too.

At Forvis Mazars, we work with sensitive client data that we can guarantee will not end up in the wrong hands. That is because we hold the important international certifications ISO 27001 and ISO 22301 – an independent external assessment that validates the protective measures of our information security and business continuity management system.

Cyber attacks are a daily reality. Slovakia recently experienced the largest attack in its history, which crippled the Cadastre Authority. However, other state institutions and private companies have also been, and continue to be, targeted.

ISO 27001 is an internationally recognised standard for information security management systems. It includes a comprehensive set of requirements and measures to protect sensitive information from unauthorised access, manipulation or loss. This certificate confirms that our company has implemented state-of-the-art security protocols and systematically protects our clients' data.

Closely linked to data protection is business continuity, which is covered by the ISO 22301 standard. This certificate allows us to guarantee the continuity of our services and an efficient return to normal operations even in the event of exceptional, unforeseen situations. Whether natural disasters, power outages or cyber attacks, we have proven procedures in place to handle a potential crisis situation.

"As part of our ISO 22301 certification process, we have proven that we have a Plan B in place to guarantee business continuity in the event of these threats. These standards naturally build on each other," explains Michaela Hecht, who covered the project together with Forvis Mazars’ internal process excellence team. According to Michaela, the preparation is very complex, taking the company up to a year, and – throughout the process – all the company departments get to know the workings of the firm's operations and processes down to the bone. This is crucial for the correct set-up of the processes and the subsequent certification.

The highest priority for Forvis Mazars in Slovakia is to provide quality services to our clients, for whom we provide not only audit but also outsourcing of accounting, payroll, tax or transactional advisory, and ESG. Although we are not a critical sector that is newly required by the European Union to meet cybersecurity criteria, we are a supplier to those in this sector. The international certifications make it easier for us to work together, help build client trust and open up opportunities for even better support and services. All Forvis Mazars branches in Slovakia are certified – offices in Bratislava, Košice, Nitra and Považská Bystrica.


We have invested in IT equipment, and staff have been trained in all the principles of secure data handling. "During the implementation, we not only reviewed digital security but also physical data security. We sent various phishing emails to employees as part of the preparation campaign, trying to lure out sensitive data and checking if they could prevent confidential information from leaking out. As part of a mystery audit, we checked whether colleagues had locked cupboards and drawers with documents that should be protected. All these exercises were successful and we are glad that today we can offer the service of consulting in preparing the company for ISO certification to our clients," Michaela says.

ISO 27001 and ISO 22301 certification is for companies of all sizes, public companies as well as non-profit organizations. It provides them with a comprehensive system for planning, implementing and monitoring information security and stability in business.

If you are interested in further information, let us know.

Contact us
