Information security according to the ISO 27001 standard

The flagship products of the Information Security Department of DGA SA are Information Security Management Systems implemented on the basis of the requirements of the ISO/IEC 27001:2005 standard.

ISO 27001 is a recognised international standard for creating Information Security Management Systems, which means that organisations worldwide implement security systems using the same reference document. As a result, these systems can be compared and thus improved. Security audits can be conducted against many different documents, the most popular being corporate standards and legal requirements (e.g. the personal data protection act). Using an international standard such as ISO/IEC 27001:2005 as the reference document allows a security diagnosis to be conducted in a comprehensive and, more importantly, objective manner. Another standard related to information security management is ISO/IEC 17799:2005, which contains detailed recommendations concerning the process of implementing an Information Security Management System in an organisation.