ISO/IEC 27001:2022 Information Security Management System Certification

ISO/IEC 27001:2022 is an international standard published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). It specifies the requirements for establishing, implementing, maintaining, and continually improving an Information Security Management System (ISMS). This standard applies to organizations of all types, regardless of size or sector, aiming to protect information assets against increasingly complex security risks in the digital era.
 
Based on the standard's requirements, GIC Vietnam provides ISO/IEC 27001:2022 certification services to assess and verify the conformity of the Information Security Management System at the enterprise. The audit process is conducted independently, objectively, and systematically, ensuring compliance with requirements regarding competence, impartiality, and reliability in certification activities.
 
Through certification, GIC Vietnam confirms that the organization's information security management system:

• Is established and applied in accordance with the requirements of the ISO/IEC 27001:2022 standard;
• Ensures the Confidentiality – Integrity – Availability of information;
• Is capable of effectively identifying, assessing, and controlling information security risks;
• Contributes to enhancing the trust of customers, partners, and stakeholders.

• Affirm its competence in information security management according to international standards;
• Meet legal requirements, regulations, and contractual obligations related to information security;
• Strengthen reputation and competitiveness in production, business operations, and service delivery.

II. CERTIFICATION PROCESS

1. Registration & Review: The enterprise contacts GIC Vietnam for guidance, completes the registration profile, and provides necessary documents required for ISO/IEC 27001:2022 certification. GIC Vietnam will review the completeness and suitability of the application.
 
2. Planning & Audit Preparation: GIC Vietnam establishes an audit program and identifies the necessary activities to verify that the enterprise's Information Security Management Systems (ISMS) meets certification requirements. Auditors are selected based on competence and experience relevant to the enterprise's field of operation (including technical experts if necessary).
 
3. Audit Process: The process takes place in two stages:
- Stage 1: Review of the documentation system and records; confirmation of the audit scope; assessment of the enterprise's readiness for the Stage 2 audit.
- Stage 2: Evaluation of conformity, effectiveness, and practical implementation of the system at operational sites. The audit workflow includes:
Opening Meeting → Audit of Departments/Units → Reporting → Closing Meeting.
 
4. Audit Report & Non-Conformity Handling: Based on the audit results, the enterprise implements corrective actions for any non-conformities (if applicable) to ensure full compliance with the standard's requirements.
 
5. Technical Review & Certification Issuance: The Certification Board reviews the entire audit file to make the final decision. The ISO/IEC 27001:2022 certificate is valid for 03 years, accompanied by periodic surveillance audits to maintain the validity of the certification.

III. WHY CHOOSE GIC VIỆT NAM?
 
+) International Reputation and Wide Recognition: GIC is a reputable certification body widely recognized with accreditation marks from leading organizations such as UKAS (UK), JASANZ (Australia – New Zealand), CPSC (USA), SAC (Singapore), CNAS (China), VICAS (Vietnam), etc. Certificates issued by GIC are recognized globally through the Mutual Recognition Arrangements (MRA) of the International Accreditation Forum (IAF) and the Asia Pacific Accreditation Cooperation (APAC). This helps enterprises reduce technical barriers and facilitates access to international markets.
 
+) Professional, Objective, and Cost-Effective Service:
GIC Vietnam provides services adhering to strict European and North American standards, ensuring independence, objectivity, and professionalism throughout the certification audit process. Besides superior quality, GIC offers reasonable and competitive costs, helping enterprises utilize investment resources effectively while achieving recognition according to international standards.

CONTACT INFORMATION
 
GIC VIETNAM
🏢 Hanoi: 12F, 14 Lang Ha Building, Giang Vo Ward
☎️ Tel: 024.6275 2268 | 📱Hotline: 0984609469
📧 Email: tuandm@gicvn.vn
🏢 Ho Chi Minh City: R502, 160 Nam Ky Khoi Nghia
☎️ Tel: 028.3930 7936