Critical infrastructure
Strategic accreditations
ACN qualification and compliance with the NIS2 and eIDAS directives. Quality and Safety is a partner for critical trust services and sensitive State infrastructure.
- ACN
- NIS2
- eIDAS
Certifications and qualifications Recognized standards,
Recognized standards,
measurable reliability.
We operate according to elite security standards, essential for the large-enterprise, insurance and public-administration markets. Our certifications are verified every year by independent bodies: here you will find the full list, with the scope of each one.
Why it matters
Two pillars of trust.
National accreditations and European compliance: the foundation on which we build services for public administration, healthcare and large enterprises.
Regulatory framework
European digital sovereignty
We guarantee preservation, security, traceability and supply-chain control according to EU and Italian regulations, with AgID guidelines and ACN cloud qualification for public administration and healthcare.
- GDPR
- eIDAS
- NIS2
- DGA
- Data Act
- AI Act
- AgID
- ACN
-
The International Certification NetworkIQNet
IQNet RecognitionAn international network that recognises and harmonises its members' certifications in over 150 countries.
ScopeInternational recognition of certificationsIQNet is the global association of the leading certification bodies. IQNet recognition ensures that the certifications issued to Quality and Safety by accredited partners are accepted internationally without the need for further audits.
-
AENORAENOR — Quality Management
ISO 9001A quality management system compliant with the most widely adopted international standards.
ScopeDesign, development and delivery of software services and digital preservationThe ISO 9001 certification attests that Quality and Safety’s processes — from requirements gathering through to delivery and support — follow a measurable management system geared towards continuous improvement and customer satisfaction.
-
AENORAENOR — Information Security
ISO/IEC 27001An information security management system with technical, organisational and physical controls.
ScopeInfrastructure, applications, compliant digital preservation and cloud servicesISO/IEC 27001 is the reference standard for safeguarding the confidentiality, integrity and availability of information. We apply a set of ISMS controls covering access management, encryption, incident response, business continuity and supplier management.
-
AENORAENOR — Cloud Security
ISO/IEC 27017Security controls specific to cloud services, extending ISO/IEC 27001 to multi-tenant and virtualised environments.
ScopeCloud services, virtualised infrastructure and digital preservationISO/IEC 27017 defines additional guidelines and controls for information security in cloud environments, covering aspects such as the segregation of virtual resources, the management of shared responsibilities between provider and customer, and the protection of administration interfaces.
-
AENORAENOR — Personal data protection in the cloud
ISO/IEC 27018Protection of personal data (PII) in public cloud services, with privacy-specific controls.
ScopeProcessing and protection of PII on cloud infrastructureISO/IEC 27018 is the reference standard for protecting personally identifiable information (PII) in public clouds. It ensures transparency in data processing, limits on secondary use, breach notification and effective control on the part of the data controller.
-
Agenzia per l'Italia DigitaleAgID
Conservatore accreditato / Fornitore qualificatoQuality and Safety appears in the official AgID list of preservation providers registered in the Marketplace of preservation services.
ScopeCompliant digital preservation and digital services for the Public AdministrationAccreditation is not merely an administrative requirement: it enables compliant digital preservation, strengthens trust within the Public Administration and for all regulated parties, and creates a barrier to entry founded on verified organisational, technological and procedural safeguards.
-
Agenzia per la Cybersicurezza NazionaleACN
Qualificazione servizi cloud per la PAACN qualification/compliance for public administration cloud services, with verification of conformity to regulatory requirements and 36-month validity.
ScopeQualified cloud for the Public AdministrationThe qualification issued by the Agenzia per la Cybersicurezza Nazionale, referenced by the official ACN procedure, involves verification of conformity to regulatory requirements and a qualification validity of 36 months. This safeguard strengthens the company’s position as a qualified supplier for public and regulated environments, reducing operational risk and the time required to access tenders and critical projects.
-
Associazione Nazionale Operatori e Responsabili della Conservazione dei Contenuti digitaliANORC
SocioMembership of the leading Italian association for digital preservation operators and managers.
ScopeAdvocacy, standards and best practices in digital preservationAs an ANORC member, we actively contribute to the development of standards and best practices in digital preservation in Italy, engaging with institutions, providers and preservation managers across the country.
Documentation
Compliance documents.
Certificates and questionnaires available for direct download.
Do you need the official certification documents?
On request we provide certificates, management-system manuals and the SoA (Statement of Applicability) updated to the latest audit.