
QUALITY STANDARDS CERTIFICATIONS

OCTOPUS HAS BEEN CERTIFIED FOR THE FOLLOWING QUALITY STANDARDS:

ISO 9001:2015

ISO 9001 is a standard that sets out the requirements for a quality management system. It helps businesses and organizations to be more efficient and improve customer satisfaction.

The new version of the standard brings the user a number of benefits.

ISO 9001:2015:

  • Puts greater emphasis on leadership engagement
  • Helps address organizational risks and opportunities in a structured manner
  • Uses simplified language and a common structure and terms, particularly helpful to organizations using multiple management systems
  • Addresses supply chain management more effectively
  • Is more user-friendly for service and knowledge-based organizations
  • Location based devices

ISO 9001:2015/AS9100D

Quality Management Systems - Requirements for Aviation, Space, and Defense Organizations AS9100D
This standard includes ISO 9001:2015 quality management system requirements and specifies additional aviation, space, and defense industry requirements, definitions, and notes.
It is emphasized that the requirements specified in this standard are complementary (not alternative) to the customer and applicable statutory and regulatory requirements.
If there is a conflict between the requirements of this standard and customer or applicable statutory or regulatory requirements, the latter shall take precedence.
This International Standard specifies requirements for a quality management system when an organization:

  • needs to demonstrate its ability to consistently provide products and services that meet customer and applicable statutory and regulatory requirements, and
  • aims to enhance customer satisfaction through the effective application of the system, including processes for improvement of the system and the assurance of conformity to customer and applicable statutory and regulatory requirements.

ISO/IEC 90003:2014

ISO/IEC 90003:2014 provides guidance for organizations in the application of ISO 9001:2008 to the acquisition, supply, development, operation, and maintenance of computer software and related support services. ISO/IEC 90003:2014 does not add to or otherwise change the requirements of ISO 9001:2008.

The guidelines provided in ISO/IEC 90003:2014 are not intended to be used as assessment criteria in quality management system registration/certification.

The application of ISO/IEC 90003:2014 is appropriate to software that is:

  • Part of a commercial contract with another organization
  • A product available for a market sector
  • Used to support the processes of an organization
  • Embedded in a hardware product, or
  • Related to software services

ISO/IEC 27001:2013

Using this family of standards will help your organization manage the security of assets such as financial information, intellectual property, employee details or information entrusted to you by third parties.

ISO/IEC 27001 is the best-known standard in the family providing requirements for an information security management system (ISMS).

  • An ISMS is a systematic approach to managing sensitive company information so that it remains secure. It includes people, processes and IT systems by applying a risk management process.
  • It can help small, medium and large businesses in any sector keep information assets secure.

ISO/IEC 27017:2015

ISO/IEC 27017:2015 gives guidelines for information security controls applicable to the provision and use of cloud services by providing:

  • Additional implementation guidance for relevant controls specified in ISO/IEC 27002
  • Additional controls with implementation guidance that specifically relate to cloud services.

ISO/IEC 27018:2014

ISO/IEC 27018:2014 establishes commonly accepted control objectives, controls, and guidelines for implementing measures to protect Personally Identifiable Information (PII) in accordance with the privacy principles in ISO/IEC 29100 for the public cloud computing environment.

In particular, ISO/IEC 27018:2014 specifies guidelines based on ISO/IEC 27002, taking into consideration the regulatory requirements for the protection of PII which might be applicable within the context of the information security risk environment(s) of a provider of public cloud services.

ISO/IEC 27018:2014 is applicable to all types and sizes of organizations, including public and private companies, government entities, and not-for-profit organizations, which provide information processing services as PII processors via cloud computing under contract to other organizations.

The guidelines in ISO/IEC 27018:2014 might also be relevant to organizations acting as PII controllers; however, PII controllers can be subject to additional PII protection legislation, regulations and obligations, not applying to PII processors. ISO/IEC 27018:2014 is not intended to cover such additional obligations.


ISO 27799:2016

ISO 27799:2016 and ISO/IEC 27002 taken together define what is required in terms of information security in healthcare; they do not define how these requirements are to be met. That is to say, to the fullest extent possible, ISO 27799:2016 is technology-neutral. Neutrality with respect to implementing technologies is an important feature. Security technology is still undergoing rapid development and the pace of that change is now measured in months rather than years. By contrast, while subject to periodic review, International Standards are expected on the whole to remain valid for years. Just as importantly, technological neutrality leaves vendors and service providers free to suggest new or developing technologies that meet the necessary requirements that ISO 27799:2016 describes.

As noted in the introduction, familiarity with ISO/IEC 27002 is indispensable to an understanding of ISO 27799:2016.

The following areas of information security are outside the scope of ISO 27799:2016:

  • Methodologies and statistical tests for effective anonymization of personal health information;
  • Methodologies for pseudonymization of personal health information (see Bibliography for a brief description of a Technical Specification that deals specifically with this topic);
  • Network quality of service and methods for measuring availability of networks used for health informatics;
  • Data quality (as distinct from data integrity).

ISO/IEC 20000-1:2011

ISO/IEC 20000-1:2011 is a service management system (SMS) standard. It specifies requirements for the service provider to plan, establish, implement, operate, monitor, review, maintain and improve an SMS. The requirements include the design, transition, delivery and improvement of services to fulfil agreed service requirements.

ISO/IEC 20000-1:2011 can be used by:

  • an organization seeking services from service providers and requiring assurance that their service requirements will be fulfilled;
  • an organization that requires a consistent approach by all its service providers, including those in a supply chain;
  • a service provider that intends to demonstrate its capability for the design, transition, delivery and improvement of services that fulfil service requirements;
  • a service provider to monitor, measure and review its service management processes and services;
  • a service provider to improve the design, transition, delivery and improvement of services through the effective implementation and operation of the SMS;
  • an assessor or auditor as the criteria for a conformity assessment of a service provider's SMS to the requirements in ISO/IEC 20000-1:2011.