We strive for the services we provide to be at a highest level. Management of IT processes in the area of ​​Comarch ICT is based on the best practices of ITIL v3. It is the most widely accepted concept in the world of IT service management. ITIL is a set of best management practices. The collection contains tips, suggestions, and practices that guide to the most effective and efficient rendition of services. In Comarch the following processes are covered by these activities: change management, incident management, problem management, configuration management.

Integrated Management System (IMS)

Integrated Management System (IMS)


Comarch ICT activity is covered by the Integrated Management System (IMS) which is implemented and maintained throughout the company. It meets the requirements of the following standards:

International :

  • EN ISO 14001:2005 "Environmental Management Systems"
  • EN ISO 9001:2009 "Quality Management Systems"
  • ISO / IEC 27001:2007 "Information Security Management Systems"

Polish :

  • PN-N 19001:2006 " Internal Control System " and WSK Criteria
  • PN-N- 18001 : 2004 " Occupational Health and Safety Management Systems."

Confirmation of compliance with certain standards is the certificate of the Integrated Management System, issued by the Polish Center for Testing and Certification, which cooperates with Comarch in terms of surveillance and certification audits.

Internal Compliance Program

Internal Compliance Program


Comarch’s activities in IT infrastructure are related to the commercial provision of technologically advanced IT products. Comarch SA was one of the first companies in Poland to obtain an Internal Control System certificate for the marketing of dual-use goods in accordance with the Act of 29.11.2000 on foreign trade in goods, technologies and services of strategic importance.

ISAE 3402 type I and II

ISAE 3402 type I and II


At the beginning of 2012, we launched the "ISAE 3402 TrustedProjects " program. It  is dedicated to customers who require services of the highest quality. Customers participating in the program receive a guarantee of annual audits of projects designed to meet the requirements of ISAE 3402 (formerly SAS70). The attained certificate has been developed based on the relevant standards governing the assessment of the internal control environment of organizations that provide outsourcing services. On its basis an independent study is conducted and the auditor's opinion presented, which entitles the audited party  to receive the Type I certificate (assessment of the adequacy of the internal control environment of the project or Type II ( assessment of the adequacy and tests of the effectiveness of the internal control environment). The entity authorized to carry out the audit is a consulting firm KPMG.

Prince 2

Prince 2


Concerned about the quality of services, we manage projects according to the PRINCE2 method (Project In Controlled Environment). It is an approach to management based on processes that can be easily adapted to the individual needs of our customers. PRINCE2 is a project management methodology, regardless of the project’s size or type. The main advantage is the flexibility and adaptability to the team and to the various levels of complexity of the project.

Prince 2



PCI DSS certification (Payment Card Industry Data Security Standard), owned by Comarch means that the data transaction used in cards payment, such as data cards and PIN numbers, are encrypted, transmitted and stored in compliance with strict procedures and the best security standards. The major purpose of PCI DSS certification is to prevent sensitive data leaks, as well as minimizing the risk of hacking into systems and crimes related to this. Supervise the implementation of the PCI DSS holds a non-governmental organization PCI SSC (Payment Card Industry Security Standards Council). Its task is to define the PCI DSS standards, certification of companies and auditors that are responsible for the audit of compliance and unification of verification process.

Our Clients

  • Circle K

    Circle K

    Comarch Network Managed Services: creating a flexible and highly secure network to increase reliability
  • Heathrow Airport

    Heathrow Airport

    To support its growing business, Heathrow Airport chose Comarch Loyalty Management application in hosting model
  • Boots


    Solves business issues with Comarch Data Center Services
  • Nicols


    Eliminating outage incidents and decreasing network vulnerabilities with Comarch Data Center services
  • Jetblue Airways

    Jetblue Airways

    Reducing application response time and increasing data processing speed by deploying Comarch Data Center services
  •  Valeo


    Comarch IT Outsourcing Services for Valeo Germany
  • Drosed


    Improving levels of collaboration and customer care by cooperation with Comarch
  • European Southern Observatory

    European Southern Observatory

    Better process optimization and increased IT security with complex portfolio of Comarch IT Services
  • JetBlue Airways

    JetBlue Airways

    Reducing application response time and increasing data processing speed by deploying Comarch Data Center services
    More success stories

    Related materials

    White Paper: Ensure the Correct Functioning of Your Application with Managed Multi-cloud Services

    White Paper: Data Center Outlook

    Video: Comarch Data Center

    Development of Comarch Data Center services

    Tell us your business needs, and we’ll find the perfect solution