This year, the auditors praised in particular the management's involvement and employee commitment, the progress in improving the functioning of IMS, the stability and corporate culture of the company, as well as the way in which capacity planning is carried out and the maturity of management and reporting. Very positive was also the assessment of the quality of the application of the GDPR in the company's environment, which is far from obvious given the scope and demands of the standard. They also highly appreciated the computerization of some processes in the area of human resources management and internal audits.
Our own information system SOFTIP AUDIT significantly helps us in this. It enables comprehensive planning and processing of internal audits in accordance with the requirements of the EN ISO 19011 standard Guidance for auditing management systems, as well as recording, processing and monitoring of suggestions and corrective measures. „SOFTIP AUDIT is a very important help in making individual audits more transparent and faster. The processes are clearly defined from the preparation of the audit to working with its conclusions,“confirmed Sulamit Vazaga, IMS coordinator at SOFTIP.
TÜV SÜD positively evaluated the high competence and approach of the staff directly involved in the audit. „That is why I want to thank not only Sulamit, but also all my colleagues who contributed significantly to its positive outcome,“ said Martin Vlčko, member of the Board of Directors and CFO of SOFTIP.
„We strive for a systematic approach to company management and our IMS is our support. Its key components are, in addition to the usual requirements of the implemented ISO standards, not-so-traditional areas such as research and development and, of course, data protection rules. Our company has also taken a responsible approach to the Declaration of Applicability, which it has extended beyond Annex A of ISO 27001 to include the requirements of the GDPR,“ he added.
Integrated management system at SOFTIP is based on the penetration of the implementation of international standards related to:
Quality Management System EN ISO 9001,
ISO/IEC 27001 Information Security Management System,
Quality management system in EN ISO 10006 projects,
Environmental Management System EN ISO 14001,
OHSAS 18001 Occupational Health and Safety Management System.
The certificate is valid for development, production, implementation and support of information and communication systems, provision and outsourcing of consulting, analytical, research and advisory services, training, education, business and marketing activities in the field of information and communication systems.