
Standards and Policies
We have a deep understanding of the current standards and policies that govern our technologies and services, with the goal of strengthening the security of your IT infrastructure.
Mastering the standards and policies that govern the IT field is essential for keyIT. We rely on two main types of standards: ITIL, which provides best practices for IT service management, and CIS, a set of internationally recognized security criteria for protecting IT systems and data from cyberattacks.
We also rely on recommendations and tools provided by the Swiss Confederation, such as the minimum ICT standards (Information and Communication Technologies). Lastly, we can support you in managing business continuity: Business Impact Analysis (BIA), Business Continuity Planning (BCP), and Disaster Recovery Planning (DRP).

Types of Standards
Information Technology Infrastructure Library (ITIL)
ITIL stands for Information Technology Infrastructure Library, a collection of best practices for managing information systems that provides guidance on managing IT services. ITIL promotes a holistic approach to service management, considering all IT services, including hardware or virtual infrastructure, services used, their protection, and, most importantly, their management.
From small businesses to international or multinational corporations, thousands of companies worldwide have implemented the ITIL methodology. It is adopted across various sectors, including financial organizations, manufacturers, distributors, and industries such as entertainment, life sciences, technology, and many others.
At keyIT, we implement ITIL standards across all types of projects to ensure alignment with international standards and the best practices they entail.
Center for Internet Security (CIS)
The Center for Internet Security (CIS) is a non-profit organization whose mission is to identify, develop, validate, promote, and support recommended solutions for cyber defense. It leverages the cybersecurity expertise of professionals from the public sector, businesses, and educational institutions worldwide. To develop recommended standards and practices, including CIS controls, benchmarks, and images, it follows a consensus-based decision-making model.
CIS criteria serve as configuration references and best practices for securely configuring systems. Each recommendation refers to one or more CIS controls, developed to help organizations improve their cyber defense capabilities. These CIS controls align with various established standards and regulatory frameworks, including the NIST Cybersecurity Framework (CSF), NIST SP 800-53, the ISO 27000 series, PCI DSS, HIPAA, and others.
Business Continuity Management
Business continuity management is a process that enables businesses to continue operating in the event of a disruption to normal activities. It involves the creation of plans to handle emergencies and natural disasters. This may include measures such as data backup, setting up backup systems, and training staff to handle emergency situations.
Business continuity management offers several benefits to companies. Firstly, it helps reduce downtime and minimize financial losses during disruptions. Secondly, it protects the company’s reputation by demonstrating its preparedness for emergencies. Finally, it enhances the safety of employees and customers during interruptions to normal operations.
Minimum ICT Standards
The Minimum ICT Standards (Information and Communication Technologies) set by the Swiss Confederation are designed to ensure that companies meet the required security, privacy, and operational guidelines for their IT infrastructure. These standards focus on areas such as data protection, network security, system resilience, and compliance with national and international regulations.
nFADP / GDPR Compliance
Compliance with the new Federal Act on Data Protection (nFADP) and the General Data Protection Regulation (GDPR) is essential for the security of personal data. It involves data management practices that adhere to regulations, including security measures, consent management, and the protection of individuals' rights over their data.
This compliance builds customer trust, minimizes the risk of penalties, and improves internal processes through secure and responsible data practices. By adhering to nFADP and GDPR standards, businesses demonstrate their commitment to data protection, which is crucial in the digital world.