Quality

The Quality Management System of CSI is ISO 9001 certified for:

  • design, development, interconnection, maintenance, training, management and operative management of automated information systems and application, infrastructure and network IT services (sector EA 33)
  • design and issue of training interventions and training on the issued ICT services (sector EA 37)

The system provides for systematic management of risks and opportunities, and a constant monitoring of enterprise processes to ensure quality standards and the respect of service times and costs. A system of indicators verifies the achievement of objectives and defines any preventive and corrective actions.

Information Security

The CSI Information Security Management System is ISO/IEC 27001 certified for the design, development, delivery and support of facility management services for the data center, as well as cloud computing services provided in IaaS (Infrastructure as a Service), PaaS (Platform as a Service), and SaaS (Software as a Service) models.

Additionally, the system has obtained a conformity attestation according to ISO/IEC 27017 guidelines for the application of ISO 27002 controls in cloud services and ISO/IEC 27018 for the protection of personal data in cloud services.

In 2024 CSI obtained the international CSA Star certification, which guarantees the reliability, security and transparency of cloud services, integrating with the ISO 27001 system. This certification evaluates the "maturity" level of implemented security controls. The CSA Star certification is among the security requirements for cloud services in the Italian Public Administration, as mandated by the National Cybersecurity Agency.

The effectiveness of the System and the completion of information security objectives are monitored through a system of indicators that are collected and reviewed continuously and through periodic first and third party audits.

Health and Safety at the Workplace  

The Workplace Health and Safety Management System of CSI is ISO 45001 certified for:

  • eliminating or reducing risks for employees, guests and other parties, adopting preventive and protective measures
  • managing tools that ensure the compliance with occupational health and safety regulations
  • continuously improving the safety of employees, workplace, instruments and building
  • having an adequate emergency and response system

The System required the setting up of a constant monitoring system for CSI premises and activities, to ensure safety standards; a system of indicators verifies that objectives are reached and defines eventual preventive and corrective actions.

Business Continuity

The CSI Business Continuity Management System is ISO 22301 certified for data center facility management services and cloud computing services provided in IaaS (Infrastructure as a Service), PaaS (Platform as a Service), and SaaS (Software as a Service) models. It makes possible to:

  • evaluate the impacts from events that may compromise the availability of services
  • identify danger, evaluate potential risks and adopt appropriate mitigation measures
  • prepare adequate strategies and define plans and procedures to manage an eventual crisis
  • define the organization structure to manage the crisis.

Reliability of the data center

The CSI data center, facilities, and server rooms are certified ANSI/TIA 942 B with a RATING 3 for each of the following areas:

  • architecture and site location
  • security and safety
  • fire suppression systems
  • mechanical cooling systems
  • business continuity and distribution systems
  • connectivity and telecommunications. 

With this certification, CSI ensures compliance with AgID and ACN directives for Cloud Service Providers, guaranteeing a high level of reliability for its infrastructure. The Rating 3 certification ensures data center service availability and the ability to perform any type of maintenance without interruptions or scheduled downtimes.

Energy Efficiency

The Energy Management System of CSI is certified as compliant to ISO 50001.

The system was designed and implemented in compliance with legislative requirements in the energy field and it is aimed at ensuring energy efficiency of the processes by promoting:

  • energy savings and progressive reduction of waste
  • optimisation in the present energy use, in particular with regard to the data centre and the heating/conditioning system of the buildings
  • evaluation, in procurement processes, of aspects relating to energy efficiency.

The system also entails identifying significant energy uses and constant monitoring of the relevant established indicators. Moreover, in compliance with the processing and operating needs to issue services, it also foresees the definition and implementation of energy efficiency targets defined at corporate level.

Service Management

CSI follows the guidelines of Information Technology Infrastructure Library (ITIL) to issue IT services. The guidelines are promoted by itSMF Italia association. CSI is one of the founding members of the association, which is also part of itSMF International.

The ITIL model is used:

  • to adopt international best practices in service delivery
  • to standardise the way services are provided and to monitor activities
  • to disseminate knowledge, to ensure better service performance
  • to adopt Change, Incident and Problem Management, to ensure that contracts with customers are respected and satisfied.

CSI also has a Service Management System certified according to ISO/IEC 20000-1:2018 for data center facility management and cloud computing services, provided in IaaS (Infrastructure as a Service), PaaS (Platform as a Service), and SaaS (Software as a Service) models.

Environment

CSI's Environment Management System is ISO 14001 certified for the design, development and delivery of data centre and facility services, cloud computing services as IaaS, PaaS and SaaS, applicative, infrastructure and network services.

The certification is a guarantee of compliance with the European DNSH 'Do No Significant Harm' in the provision of cloud services, i.e. minimising environmental impacts. The system aims to minimise the environmental impact of CSI's activities and identifies those significant factors that must be continuously monitored in order to progressively improve the environmental sustainability.

Gender Equality

In 2023 CSI undertook the certification process of UNI PdR 125:2022 for Gender Equality, referred to in the National Recovery and Resilience Plan. In 2022 the Consortium wrote the Gender Equality Plan.