Annual report - HSE
Annual report - HSE
Annual report - HSE
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
2.5.4 Achieving information security objectives<br />
In 2012, the implementation of information security management measures continued in<br />
accordance with the ISO 27001 standard and included:<br />
• updated inventory count of IT resources within individual systems at TEŠ and <strong>HSE</strong>;<br />
• updated risk assessment for all IT resources, paper documents, services (contracts) and<br />
people;<br />
• amended procedures for the monitoring of events in the area of information security<br />
and business IT were prepared, as were the methods for their classification based on<br />
changes, possible incidents and actual incidents, and for their appropriate allocation and<br />
resolution;<br />
• revised system management rules of procedure;<br />
• a revised SP 30-41 Business IT procedure in accordance with organisational changes;<br />
• a review (in accordance with the personal data protection act) of all data-bases, where<br />
<strong>HSE</strong> processes personal data, which are <strong>report</strong>ed as data-base catalogues to the<br />
Information Commissioner as required by the law.<br />
We also performed an external assessment according to the criteria of ISO/IEC 27001:2005.<br />
2.5.5 Family-friendly company<br />
The <strong>HSE</strong> company was issued the certificate on 10 May 2010. After the acquisition, the<br />
Managing Director of the company appointed a team for coordination of professional<br />
and family life, which continues to work on the certificate in accordance with measures.<br />
Most of adopted measures is carried out adequately. For some of them, protocols have<br />
been prepared and approved. A research among employees is carried out every year.<br />
On 6 September 2012, the second annual visit by an external consultant took place<br />
in connection with the <strong>HSE</strong> annual <strong>report</strong> on performance of measures for obtaining<br />
complete Family-Friendly Company certificate. The company DEM also holds the Family-<br />
Friendly Company certificate.<br />
2.5.6 Certificates obtained by the <strong>HSE</strong> Group<br />
production companies<br />
<strong>Annual</strong> Report <strong>HSE</strong> 2012<br />
2 Business Report<br />
52<br />
<strong>HSE</strong> DEM SENG HESS TEŠ TET PV <strong>HSE</strong> Invest<br />
ISO 9001 • • • • • • •<br />
ISO 14001 • • • • • •<br />
OHSAS 18001 • • • • • • •<br />
ISO 27001 • • • •<br />
ISO 50001<br />
ISO/IEC 17025<br />
EE TÜV • • • •<br />
EE+ TÜV • • • •<br />
EEnew TÜV • •<br />
RECS • • • •<br />
PoI • • •<br />
DPP • •<br />
•<br />
HACCP • •<br />
•<br />
DOP • •<br />
ISO 9001: Quality management system<br />
under the regulations of standard; ISO 14001<br />
Environment management system under<br />
standard requirements; OHSAS 18001:<br />
Occupational health and safety system<br />
under standard requirements; ISO 27001:<br />
Information security management system<br />
under standard requirements; ISO 50001:<br />
Energy Management system – Requirements<br />
with instructions; ISO/IEC 17025: General<br />
requirements for the competence of testing<br />
and calibration laboratories; EE TUV:<br />
Certification assessment in accordance with<br />
TÜV TMS criteria for electricity production<br />
from renewable sources (CMS Standardu<br />
83: Erzeugungb EE (04/2011)); EE+ TÜV:<br />
Certification assessment in accordance with<br />
TÜV TMS criteria for electricity production<br />
from renewable sources by providing<br />
guarantee of operations and efficiency;<br />
Eenew TÜV: Certification assessment<br />
in accordance with TÜV TMS criteria for<br />
electricity production from renewable<br />
sources – for new up to 12 years old HPPs;<br />
RECS: Renewable Energy Certificate System<br />
= International certification system for RES<br />
electricity; PoI: Guarantee of origin; FFC:<br />
Family-friendly company. HACCP: Hazard<br />
Analysis Critical Control Point = Analysis<br />
of critical control point risk Standard for<br />
measuring labs; CSR: Corporate Social<br />
Responsibility certificate.