The information security management system of Air Astana JSC has been certified to be compliant with the ISO/IEC 27001:2013 standard. The certificate of compliance was presented to Air Astana JSC in April 2019.
After several years of ground work on policies, procedures, documents and systems the certification process started in October 2017 having contracted with Kazakhstan Quality Organization LLP for consultation on certification.
Yelena Maistrovskaya, Konstantin Tsoi and Yerzhan Yerbolat worked on the project with the participation of members of Information Security Committee of Air Astana guided by Kazakhstan Quality Organization LLP. The project was initiated by Chamindra Lenawa, Vice President of IT: “It was a big challenge but a great achievement and we believe that this is an important achievement for Air Astana for the company’s information security, the protection of our customers’ data and their trust.“
The Certification Association Russian Register which performed the official audits for the certification presented information security certificates ISO 27001: 2013 in three languages and noted that Air Astana is a progressive company, and this certification is important in the terms of the Digital Kazakhstan state program on data protection.