In order to provide its customers services and products that guarantee safety, high reliability and quality, Entaksi Solutions SpA has built an Integrated Management System compliant with the following international standards:
ISO 9001:2015: Quality management systems - Requirements.
ISO/IEC 20000-1:2018: Information technology - Service management - Part 1: Service management system requirements.
ISO/IEC 27001:2013: Information technology - Security techniques - Information security management systems - Requirements.
ISO/IEC 27017:2015: Information technology - Security techniques - Code of practice for information security controls based on ISO/IEC 27002 for cloud services.
ISO/IEC 27018:2019: Information technology - Security techniques - Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors.
ISO/IEC 27035:2016: Information technology - Security techniques - Information security incident management.
ISO/IEC 22301:2019: Security and resilience - Business continuity management systems - Requirements.
UNI ISO 37001:2016: Anti-bribery management systems - Requirements with guidance for use.
In addition Entaksi Solutions SpA - Irish Branch is a Qualified Trust Service Provider (QTSP) for issuing of
qualified certificates for electronic signatures and seals, creation of electronic time stamps and long-term
preservation of electronic signatures and seals.
The organisation is compliant to the following standards, containing policies and requirements for trust service
providers:
ETSI EN 319 401: General Policy Requirements for Trust Service Providers.
ETSI EN 319 411-1: Policy and security requirements for Trust Service Providers issuing certificates - Part 1: General requirements.
ETSI EN 319 411-2: Policy and security requirements for Trust Service Providers issuing certificates - Part 2: Requirements for trust service providers issuing EU qualified certificates.
ETSI EN 319 412-1,2,3,5: Certificate Profiles.
ETSI EN 319 421: Policy and Security Requirements for Trust Service Providers issuing Time-stamps.
ETSI EN 319 422: Time-stamping protocol and time-stamp token profiles.
ETSI TS 119 511: Policy and security requirements for trust service providers providing long-term preservation of digital signatures or general data using digital signature techniques.
The certifications were issued by DNV, one of the main certification bodies worldwide. Entaksi invested to achieve these certifications to make clear and objective the attention and care given to customer satisfaction, the commitment with which the company proposes and provides excellent solutions and services, and the effort aimed at continuous improvement of the same.
Check out our page dedicated to Policies for quality and information security.
Entaksi Solutions is a qualified preservation service provider according to the italian regulation for the provision of IT document storage services ("Regolamento sui criteri per la fornitura dei servizi di conservazione dei documenti informatici") issued by Agenzia dell’Italia Digitale (AgID).
Such regulation requires:
Organizational, technical and financial reliability.
High quality and safety requirements.
Qualified personnel with experience and specific skills in the sector.
Reliable and safe systems, in compliance with safety and interoperability criteria and standards.
Conformity with the technical rules foreseen by CAD (Legislative Decree No 82/2005 Code for Digital Administration, "Codice dell’Amministrazione Digitale").
To guarantee the confidentiality, authenticity, non-modifiability, integrity and usability of electronic stored documents.
Entaksi is also present in Marketplace of preservation services created by AgID.
Entaksi is a Cloud SaaS (Software as a Service) provider within the
Catalogue of Cloud Services for Public Administration.
All Entaksi services enlisted in the catalog have obtained the qualification issued by the italian
_Agenzia per la Cybersicurezza Nazionale (Agency for National Cybersecurity).
The qualification process involves the verification of numerous requirements inspired by international practices and
standards regarding quality, security, performance, scalability, interoperability and portability of services, in order
to certify the reliability of the supplier.
A service present on the ACN Cloud Marketplace therefore guarantees:
Security: the requirements investigate every aspect relating to data security.
Reliability: there are specific controls relating to operational continuity and the ability to provide the service.
Compliance with Service Level Agreements: compliance with guaranteed service levels is mandatory.
Support: the organization and responsiveness of technical support and assistance is evaluated.
Data protection: particular attention is paid to compliance with the European Regulation on the protection of personal data.
Interoperability and transparency: the services must guarantee portability to other platforms and possible integration with other modules via API.
At the center of ISO 9001 there are the customer and his satisfaction. Entaksi’s entire production process is based on the requirements defined by this standard. Design, implementation, evolution and assistance of products and services are subjected to the quality controls required by this standard.
ISO 20000-1 is the international standard for IT Service Management. Entaksi has chosen to obtain certification of compliance with this standard in order to have the highest quality and reliability of the provided IT services, and the continuous improvement of its products and services.
Compliance with the ISO 27001 standard is aimed at protecting data and information, to ensure its integrity, confidentiality and availability. An adequate Information Security Management System, based on this standard, guarantees the security of the information entrusted to Entaksi. The certification is extended to the controls of ISO/IEC 27017:2015, ISO/IEC 27018:2019 and ISO/IEC 27035:2016.
The ISO 37001 standard defines a model for the creation of a Anti-Bribery Management System, providing guidelines to prevent, detect and respond to bribery episodes in any business process. It includes requirements for determining policies, procedures and preventive measures, promoting integrity and legal compliance in any organizations.
Regulation (EU) 910/2014 eIDAS defines policies and requirements for Qualified Trust Service Providers and the technical rules for the provision of trust services for issuing of qualified certificates for electronic signatures and seals, creation of electronic time stamps and long-term preservation of electronic signatures and seals.