For the first time TÜV Hessen has certified the ISMS of an enterprise with fewer than 10 employees
For the first time TÜV Hessen has certified the Information Security Management System (ISMS) of an enterprise with fewer than 10 employees. On 10 July 2015 the Head of Business Development Management Systems of TÜV Hessen, Kersten Schwinn, presented the certificate to ecom360 GmbH in Darmstadt. The IT consultancy located in the south of Hessen fulfilled all the ISO 27001:2013 criteria for an active security management and proved that the International Standard can also be met by small enterprises. At the same time, ecom360 developed an individual approach enabling small enterprises of all branches of industry to set up an ISMS and to comply with the rules efficiently.
Set a good example – having this as a motto, ecom360 GmbH took up the challenge of certification as an IT service provider. Particularly medium-sized and small enterprises often shy away from introducing and operating an ISMS in accordance with ISO 27001 and having it certified. The expenditure and the time needed seems too costly for them. Christian Roßberg, the managing director of ecom360 GmbH, wanted to examine this for himself – for a good reason: „On the one hand we develop and operate IT systems with high standards of availability, confidentiality and integrity for our customers. On the other hand we advise them on information security and IT compliance. Information Security Management Systems and their certification are therefore an important issue, which will become more and more important in future with regard to data protection as well as regulatory or legal requirements.“
In addition to the existing measures in the field of information security ecom360 established an ISMS in conformity with the standard and put the requirements of the ISO/IEC 27001:2013 into practice. The flexibility of the standard proved to be an advantage. Measures determined on the basis of risk analyses should be „appropriate“ without causing unnecessary steps.
As a result of such experience ecom360 generated a systematic approach which also paves the way for other SMEs to an active security management – and on request – to the desired certificate.
The TÜV PROFiCERT-auditor Siegfried Reinhardt of TÜV Hessen is convinced: „Independently setting up an Information Security Management System of such quality, in conformity with the standard is a remarkable achievement for a small company. Thus ecom360 really sets an example.“
———
About the TÜV PROFiCERT certification procedure:
An Information Security Management System (ISMS) set up in accordance with ISO 27001 is the basis of identification and command of specific information security risks.
-With an ISO 27001 certification by TÜV Hessen enterprises document the security and quality of their business processes. They profit from numerous additional values:
-risk management for the entire enterprise
-meeting internationally recognised standards
-high measure of transparency and trust
-distinguishing feature compared to the competition
-proof of the security of the organisation towards the law making body, customers, partners, insurances, suppliers
-information security is constantly monitored and improved
-availability, confidentiality and integrity are permanently secured
-a comprehensive awareness to protect all information regardless of their method of representation and/or storage
-relieve management by fulfilling the duty of care
-reduction of liability risks, if applicable also via reversal of the burden of proof
-compliance, e.g. with laws on data protection
ecom360 GmbH advises small and medium-sized enterprises in the fields of information security and IT compliance. In addition the service provider develops and operates IT systems that set high standards with regard to their availability and security. The enterprise supports customers in concession procedures (e.g. license applications) in terms of IT compliance, in working with supervisory authorities and in meeting regulatory requirements. Ecom360 GmbH operates an Information Security Management System certified by TÜV Hessen in accordance with ISO/IEC 27001:2013.
Kontakt
ecom360 GmbH
Christian Roßberg
Arheilger Weg 6a
64380 Roßdorf
+49 6154 624999-0
christian.rossberg@ecom360.de
http://www.ecom360.de