1. www.tms-ua.com TMS - Cooperation partner of TÜV SÜD EFFECTIVE SERVICE MANAGEMENT based on ISO/IEC 27001 & ISO/IEC 20000-1

2. www.tms-ua.com TMS - Cooperation partner of TÜV SÜD INTRODUCTION A Management System is the framework of policies, processes and procedures used to ensure that an organization can fulfill all tasks required to achieve its objectives. Management responsibility Document management Resource management Management review Internal audit Continuous improvement Information security policy Risk management Information security controls Security incident management ISO 9001 Qualitymanagement Qualitymanagement ISO/IEC 20000 IT Service management ISO/IEC 20000 IT Service management ISO/IEC 27001 Information security management ISO/IEC 27001 Information security management

3. www.tms-ua.com TMS - Cooperation partner of TÜV SÜD ISO/IEC 20000 - IT SERVICE MANAGEMENT ISO 20000 is a global standard that describes the requirements for an information technology service management (ITSM) system. The standard was developed to mirror the best practices described within the IT Infrastructure Library (ITIL) framework. An IT Service organization can use ITIL to implement ITSM processes according to best practices, and ISO 20000 can be used for implementation and measurement of essential processes. ISO/IEC 20000-1 Specification ISO/IEC 20000-2 Code of Practice ITIL, CobiT, etc. Best practices Processes, Policies, Procedures, Instructions Requirements Management Overview Process definitions Deployed In-House

4. www.tms-ua.com TMS - Cooperation partner of TÜV SÜD ISO/IEC 27001 - INFORMATION SECURITY MANAGEMENT ISO 27001 is a specification for an information security management system (ISMS). An ISMS is a framework of policies and procedures that includes all legal, physical and technical controls involved in an organisation's information risk management processes. Managements commitment to a management system providing governance over information company wide, data governance Asset inventory allowing the formal identification of information repositories in addition to software, hardware, people, telecommunications and physical property Information classification identifying the categories of information and what controls need to be applied during the course of regular business activities Continuous improvement allowing management to address quality, which translates into cost savings by supporting and following up on defects in service delivery impacting availability, software, information repositories impacting data integrity and confidentiality enforcing security standards and processes, etc.

5. www.tms-ua.com TMS - Cooperation partner of TÜV SÜD INTEGRATED MANAGEMENT SYSTEM An Integrated Management System (IMS) combines all related components of a business into one system for easier management and operations. IT Service and Information Security management systems can be combined and managed as an IMS. These systems will be not separate systems that joined together, rather they will be integrated with linkages so that similar processes will seamlessly managed and executed without duplication. Cost and resource saving Risk management Finance performance Corporate reputation Improved communication Streamlined business operations

6. www.tms-ua.com TMS - Cooperation partner of TÜV SÜD ISO 27001 AND ISO 20000 0 Introduction 1 Scope 2 Normative references 3 Terms and definitions 4 Context of the organization 5 Leadership 6 Planning 7 Support 8 Operation 9 Performance evaluation 10 Improvement Introduction 1 Scope 2 Normative references 3 Terms and definitions 7 Relationship processes 6.6.1 c) & d) Information security policy 6 Service delivery processes 6.6 Information security management 4.5.5 Maintain and improve the SMS 4.5.4 Monitor and review the SMS 4.1 Management responsibility 4 Service management system general requirements 4.5.3 Implement and operate the ISMS 6.3 Service continuity and availability management 5.2 Plan new or changed services 4.5.2 Plan the SMS 4.5 Establish and improve the SMS Policy Definition of objectives Definition of roles and responsibilities Awareness Communications Control of documents and records Management of metrics Internal audit Management review Corrective/Preventive actions and continual improvement

7. www.tms-ua.com TMS - Cooperation partner of TÜV SÜD TECHNICAL TOOLS Change management database system Management and planning Configuration identification Configuration control Status accounting Verification & audit Help desk system Knowledge Management Problem Management Access Management Service Catalog Data loss prevention system Discover where data is stored Monitor how data is being used Protect data from being leaked or stolen Security information and event management system Log management Turn data into useful information The automated events analysis Dashboards Gathering of compliance data (security, governance and auditing processes) Long-term storage of historical data Forensic analysis

8. www.tms-ua.com TMS - Cooperation partner of TÜV SÜD SUCCESS STORY

9. TMS - Cooperation partner of TÜV SÜD www.tms-ua.com TMS LLC 04070, Kyiv, Ukraine 9 Naberezhno-Khreschatitskaya str. Tel.: +380 44 500 3345 Fax: +380 44 500 3346 info@tms-ua.com www.tms-ua.com Management Systems Ltd. N4 Bokhua str. Tbilisi, Georgia Tel: (+ 995 32) 2 14 73 73 info@managementsystems.ge www.managementsystems.ge TMS LLC 04070, Kyiv, Ukraine 9 Naberezhno-Khreschatitskaya str. Tel.: +380 44 500 3345 Fax: +380 44 500 3346 info@tms-ua.com www.tms-ua.com Management Systems Ltd. N4 Bokhua str. Tbilisi, Georgia Tel: (+ 995 32) 2 14 73 73 info@managementsystems.ge www.managementsystems.ge