Information Security ISO/IEC 27001

Establishing information security is a complex process in which we can help you. Our experts, with many years of experience in information security, will establish security controls in accordance with the ISO/IEC 27001:2013 standard and security solutions that best suit your type of organization.

GDPR

We assist you in complying with the General Data Protection Regulation (GDPR), taking into account your information technology, business processes and objectives. We approach each organization individually in order to identify, explain and properly protect all processing of personal data and the exercise of individual rights.

CISO OUTSOURCING

The service is tailored to all types and sizes of organizations. It consists of the engagement of the Head of Information Security for a certain number of days/hours per month. With this function, the organization protects information and covers the requirements of regulators as well as other needs in accordance with regulations and procedures.

DPO OUTSOURCING

The service is intended for all organizations that want or are obliged to appoint a Data Protection Officer but do not have an adequately trained employee, or where, due to existing obligations, a person would be in a conflict of interest. It consists of the engagement of the Data Protection Officer for a certain number of days/hours per month.

“It takes 20 years to build a reputation and few minutes of cyber-incident to ruin it.”
― Stephane Nappo

Professional Education

Professional education in information security, business continuity, risk management and GDPR will ensure the competence of your employees.

Risk Management

Establishing a risk management system in accordance with ISO 31000 standards provides a reliable basis for decision-making and improves the achievement of business objectives.


In order to identify non-compliances and improve the system, we perform independent audits in the following areas: GDPR, ISO/IEC 27001, ISO 22301, ISO 20000, ISO 9001, ISO 14001.

ISO 9001

The implementation of the international quality management standard ISO 9001 will enable you to do better business and help you avoid inconsistent outcomes.

Business Continuity

Establishing a business continuity management system is based on the ISO 22301 standard and helps you protect your business from adverse events.

Information Risk Management

Implementing an information risk management system will eliminate or reduce information vulnerabilities and prevent damage to the organization.

IT Service Management

Managing IT services in accordance with the ISO/IEC 20000-1 standard will allow you to become more productive, provide more efficient IT services and avoid a bad reputation.

Outsourcing Internal IT Auditor

By outsourcing the internal IT auditor function in your organization, you will ensure that the function is performed by an expert and avoid poorly performed internal IT audits.

"Employee is the weakest link in information security, which through quality education becomes the strongest link" - Darie Maric

Xiphos GreenX environmental restoration program

Xiphos has always been committed to protecting the environment and through the GreenX program we try to give our contribution to the protection and restoration of the environment on which all beings on the planet, including us, depend. We are committed to creating and maintaining ecosystem biodiversity through tree planting programs and rebuilding devastated areas with new seedlings.

Each application for training guarantees the planting of 5 – 20 new seedlings.

Each application for training contributes 2% of the income to the GreenX program, which is used to organize the planting of trees and seedlings, plus up to 2% of total annual income from all earnings (the percentage is limited by law; above that, it is taxed heavily). Every planting action will be made public and, of course, volunteers are always welcome. Thank you for your contribution.


We do not like spam, so we do our best to ensure that our messages are not spam and that the information we send you provides real value.

We will send you invitations to free trainings, useful materials, documents and tools via e-mail. You can ask us questions that we will try to answer to the satisfaction of all our subscribers through our newsletter.

Of course, we will occasionally send you marketing information, but never without any real value for you.

You can unsubscribe at any time.

We Care For Your Security! 



Copyright © 2020. Xiphos d.o.o.