CREAplus to obtain not only the ISO 27001 Information Risk Management certificate, but also the Cyber Essentials Plus certificate for protection against hacker intrusions. 


In line with its focus on offering a comprehensive range of services for managing business and information security risks, CREAplus has obtained the demanding international Cyber Essentials Plus certification. The company, which already manages its information security risks in accordance with ISO/IEC 27001, has now verified the quality of the cyber protection of its own IT assets with the new certification. Elements verified by an external independent assessor include firewalls, device security settings, user access control, malware protection, and the updating and installation of patches for applications and operating systems.

Mitja Trampuž 320"Unlike ISO 27001, the Cyber Essential Plus certificate concretely verifies and validates the quality of cyber protection of IT systems against cyber attacks. We have extended our service offering with penetration testing services therefore it has been important for us to be able to transparently demonstrate the quality of our own protection to our customers and business partners," explained Mitja Trampuž, CEO of CREAplus.

The new certification has also expanded CREAplus' ability to do business in new markets, especially in the UK, where the government and public institutions require suppliers to have the Cyber Essentials certificate for public procurement involving certain IT solutions and the handling of sensitive and personal data.

"We have decided to apply for Cyber Essentials Plus certification which includes an independent process and technical audit of our IT systems. This provided us with further confirmation that we are a competent provider of a comprehensive range of security services, such as internal and external security audits, penetration testing, cryptography consulting and the development of cyber security systems and applications for secure digital business," said Mitja Trampuž.

CREAplus is one of the leading cyber security providers in the region. It is a distributor of leading technology providers of cyber security and systems for secure digital commerce. At the same time, it implements these solutions and educates users. The company aims to offer its customers the most comprehensive cyber security management possible and with security by design. Their security services range from process security reviews and testing of information systems to the development of security policies and the implementation, management and maintenance of multi-layered technical information security systems.