The only Hong Kong company obtained dual certifications


The ONLY ONE Data Recovery Company in Hong Kong held dual certification
ISO/IEC 27001:2013 Information security management systems & ISO 9001:2015 - Quality management systems


Certificate No.: ISA/HK/160416

To prevent hacker attack, the data room will never be linked to the internet. As soon as we received customers' storage devices, we put them into an encrypted vault To prevent hacker attack, the data room will never be linked to the internet. As soon as we received customers' storage devices, we put them into an encrypted vault In addition, in order to preserve information security, all the staff are required to take the information safety and management courses. We sustain to promote information security management system, through continuous improvement and maintenance, we show our determination and implement our commitments to protect our customers' data.

ISO/IEC 27001: is an Information Security Management System(ISMS),formally specifies a management system that is intended to bring information security under explicit management control. Being a formal specification means that it mandates specific requirements. Organizations that claim to have adopted ISO/IEC 27001 can therefore be formally audited and certified compliant with the standard.

ISO/IEC 27001 aims to ensure that adequate controls on confidentiality, integrity and availability of information:
1 Confidentiality: Ensure the authorized clients to access data only
2 Integrity: Ensure the data being completed, not being hacked or improperly admended
3 Availability: Ensure the authorized clients to access to the data smoothly when required

In order to accomplish with the principles, there are 39 control objectives and 134 control measures to be followed. The enterprises had own choice to select the application of the control measures, amd extra measures are also welcome.

ISO/ IEC 27001:2013 standard  published in October 2013 by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), which replacement of British standard BS 7799-2:2002. Actually, there are no distinct difference between this two standards. The ISO / IEC 27001:2013 standard requires the organization to follow the "plan-do-check-act" model that was first popularized by W. Edwards Deming in his teachings on total quality management. To achieve the goals, the model requires demonstration of continuous process improvement.

ISO/IEC 27001:2013 standard specifies the management system for information security for all corporations and organization, which prevent the fault in the information security and reduce the risk. They claimed to adopted ISO/IEC 27001 can therefore enjoy great benfits, for example:

■ Adopted the international standard in developing our control measures, which definitely reduces the chance of information security errors.
■ Systematizing method in accordance with the laws, which aims to reduce the legal risks
■ Planning and managing the business by systematization continually
■ Enhance the customers/partners' confidence
■ To raise business profit and opportunity



Certificate No.: 10132595Q

Our group had emphasized on service quality and kept on strengthening our management quality and effectiveness since incorporation. Meanwhile, we have introduced 8 quality management principles in our daily operation. We had devoted to enhance our client's satisfaction and to meet the international standard.

ISO9001(Quality Management System,QMS) that define the effective quality assurance system for manufacturing and service industries, increased customer satisfaction. It performs internal uses, verification or contract objective
ISO9001:2015 - The international quality management standard, it applys for all industries or organizations, bases on the following 8 quality management principles (all outstanding enterprise required):

■ Care of all customers
■ Leadership management
■ All-staff-participation
■ Unit process mode
■ Systemized management mode
■ Continuous improvement
■ Fact-based decision making
■ Reciprocal relationship with supplies

QMS - all critical decision made by top management, and draft a "plan", "implement/do", cary out "check", finally, data analysis from the implementation process, take actions to continually improve the process performance "act", which known as “Plan-Do-Check-Act” (PDCA) cycle, this approach enables the organization to meet customer requirements and deliver continual improvement.

Key points of ISO9001:2015:
■ Aims to enhance customer satisfaction  and get beyond of their needs
■ Consideration of the benefit, cost and the risk
■ Care of social appeal
■ In favor of verification and contract objective

ISO 9001:2015 - four categories:

(1) Management responsibilities

(2) Resource Management

(3) The process and / or service implementation

(4) Survey, analysis and improvement

  • ■ Management commitment
  • ■ Customer oriented
  • ■ The quality policy
  • ■ Quality planning
  • ■ The limits of authority
  • ■ Communication
  • ■ Provision of resources
  • ■ Human resources
  • ■ Facilities
  • ■ Working environment
  • ■ Planning of product realization
  • ■ Customer related process
  • ■ Design and development
  • ■ Purchase
  • ■ Production and service operations
  • ■ Survey, test and equipment control
  • ■ General provisions
  • ■ Measurement and monitoring
  • ■ Control of nonconforming products
  • ■ Data analysis
  • ■ Improvement