ISO Certification Continues for ISC Computer Operations

March 20, 2012 :: Shirley Ross, Information Systems & Computing

Lloyd’s Register Quality Assurance (LRQA) conducted an internal audit of ISC’s Computer Operations to validate continued certification for ISO 9001:2008 and to validate NIST Compliance, as required annually for Penn Medicine computer systems. LRQA provides independent assessment, certification, verification, validation, and training to organizations in more than 120 countries. The ISO 9001 standard is the international reference for quality requirements and specifies requirements for quality management systems in organizations that need to consistently provide products that meet customer as well as legal and regulatory requirements and that need to validate their continual improvement processes. NIST (National Institute of Standards and Technology) develops and issues standards and guidelines to assist federal agencies in implementing FISMA (Federal Information Security Management Act) to protect information and information systems. ISC’s Computer Operations must certify its compliance with NIST standards because of the highly confidential information stored on equipment residing in the Data Center. For more information, please contact Donna Manley at manleydmATisc.upenn.edu