MS ISO/IEC 27001 INFORMATION SECURITY FRAMEWORK

GSO, as one of the CNII entities, began its journey towards Information Security Management System (ISMS) certification in 2013 and is currently certified to the MS ISO/IEC 27001:2013 framework by SIRIM QAS, focusing on the Power System Operation and Services (PSOS). Critical National Information Infrastructure (CNII) is defined as a system or function that is vital to the nation, and whose incapacity or destruction would have a devastating impact on:

  1. National Economic Strength – confidence that the nation’s key growth area can successfully compete in the global market while maintaining favourable standards of living.
  2. National Image – projection of national image towards enhancing stature and sphere of influence.
  3. National Defence and Security – guarantee sovereignty and independence whilst maintaining internal security.
  4. Government capability to function – maintain order to perform and deliver minimum essential public services.
  5. Public health and safety – delivering and managing optimal health care to the citizen.


Figure 1: 14 security domains in ISO/IEC 27001:2013 adopted by GSO


MS ISO 9001:2008

ISO 9001 is an International Standard that specifies requirements for a Quality Management System (QMS). GSO is adopting the standard to demonstrate its ability to consistently provide services that meet regulatory requirements. GSO was first certified with MS ISO 9001:2000 in March 2007, and the standard framework was then upgraded to MS ISO 9001:2008 in March 2010.

Figure 2: PDCA Cycle