In April of this year, association Latvian Medicines Verification Organisation (LZVO) received two internationally recognized ISO certificates in the areas of quality (ISO 9001) and information security (ISO 27001) management.
Since the beginning of 2024, LZVO has been purposefully preparing for the certification process: the existing quality and information security management system was reviewed and adapted to meet the requirements of the standards. At this time, LZVO's processes, documentation and monitoring measures were improved, as well as new documentation specifically compliant with the requirements of the standards were developed.
The quality management system in LZVO was established and implemented already in 2018. The system has been continuously improved. The Latvian Medicines Verification System (LZVS) is regularly validated in accordance with GxP and GAMP5 requirements. All changes before implementation in the LZVS are reviewed and approved according to a specific procedure in the European Change Control Board (CCB). Now the quality management system is also certified according to the international standard ISO 9001. Receiving the certificate confirms that the organisation’s quality management system has been established, maintained and developed in accordance with the requirements of the ISO 9001 standard. LZVO identifies quality and information security risks and ensures a risk management process.
The certification of the information security management system in accordance with the requirements of ISO 27001 confirms that the LZVO effectively manages the risks related to information security, that ensures the confidentiality, integrity and availability of information and data of the organisation. The certificate received provides confidence to the management and customers that the information security risks in the association have been identified and are being managed. The association has developed and maintained a business continuity plan. By certifying and maintaining the information security management system in accordance with the requirements of the ISO 27001 standard, we can demonstrate to our customers, competent authorities and partners that the association has implemented security measures that ensure the protection of customer data and protect the organisation against possible threats of cyber-attacks.
ISO 9001 and 27001 are international standards that define the requirements for a quality management and information security system. The ISO certification was carried out by Bureau Veritas, a global leader in testing, inspection and certification. Bureau Veritas will monitor the organisation's operations in annual audits.
Obtaining certificates is an important step in improving the organisation's operations, as it confirms not only compliance with the requirements of the mentioned standards, but also compliance with legislative requirements, as well as providing acknowledgement of internationally recognized quality and information security management to our customers and partners.