News & Events
T/DG certified as ISO 27001:2005 for its robust ISMS (Information Security Management System)

In another milestone of proven capability in Information Security, T/DG is again certified as ISO 27001:2005 by ISOQAR. The standard requires establishing and implementing a documented Information Security Management System within the context of the organization's overall business risks. It specifies requirements for the implementation of security controls customized to the needs of individual organizations.

An Information Security Management System (ISMS) is, as the name suggests, a set of policies concerned with information security management. The term arises primarily out of ISO/IEC 27001. The key concept of an ISMS is for an organization to design, implement and maintain a coherent suite of processes and systems for effectively managing information accessibility, thus ensuring the confidentiality, integrity and availability of information assets and minimizing information security risks.

As with all management processes, an ISMS must remain effective and efficient in the long term, adapting to changes in the internal organization and external environment. ISO/IEC 27001 therefore incorporates the typical "Plan-Do-Check-Act" (PDCA) Deming approach to continuous improvement:

  • The Plan phase is about designing the ISMS, assessing information security risks and selecting appropriate controls.
  • The Do phase involves implementing and operating the controls.
  • The Check phase's objective is to review and evaluate the performance (efficiency and effectiveness) of the ISMS.
  • In the Act phase, changes are made where necessary to bring the ISMS back to peak performance.
