Complex IT systems are now capable of processing a wealth of information quickly. To ensure safe processing, information must be confidential and available, and its integrity must be maintained. After all, if information starts to leak out, it can become a trust problem and lead to a competitive disadvantage.
Particularly in the age of Facebook, Twitter and the like, information security is becoming increasingly important, but, at the same time, ever more vulnerable to threats. It therefore follows that well-organized and demonstrably operational professional IT security management is a pressing requirement for companies.
In addition to theft and attacks from outside, human error is a frequent cause of data loss. An information security management system (ISMS) is a systematic approach that takes into account both technical and human factors. It will help you establish a continuous optimization and monitoring process in your company on the basis of protection needs stipulated by you.
ISO 27001 is a globally recognized standard for assessing the security of information and IT environments. The standard describes in detail the requirements of implementation as well as the documentation of an information security management system (ISMS). With ISO 27001 certification you will identify and eliminate IT risks and establish IT security procedures that make a lasting contribution to optimizing the quality of your systems.
Show your customers and partners that information security is a priority for you.
Our experts will be more than happy to assist you should you have questions or require any further information on ISO 27001 certification.
1. Documentation audit
The audit team determines to what extent the documentation of your information security management system already complies with the requirements of the standard. It also defines and demarcates the operating requirements for the data center.
2. Inventory (optional)
Our auditors first record the actual state of your business on site by means of a preliminary audit.
3. Creation of the audit plan / agreement on a schedule
Our auditors systematically identify potential gaps in the achievement of the set objectives and coordinate the corresponding test schedules with you.
4. Certification audit in accordance with ISO 27001
You demonstrate the practical application of your information security management system. Our auditors check it for appropriateness and effectiveness. This includes collecting information, the verification of evidence and an inspection of your premises.
5. Issuing the certificate
If all criteria are met, your company will receive the ISO 27001 certificate. It certifies the compliance and functionality of your management system. In addition, your company will be recorded in our online certificate database, “Certipedia” .
6. Monitoring audits
Our annual surveillance audits will support you in the ongoing optimization of your IT processes.
With certification in accordance with ISO 27001, our experts examine and evaluate the following areas:
For your ISO 27001 certification, our experts investigate and evaluate the following areas: