ISO 27001

Sustainably improve your information security management with ISO/IEC 27001

Cybercrime is often the result of outdated technology, mishandling of confidential information, or virus-related security vulnerabilities. Protect yourself by optimizing your information security management system (ISMS) according to ISO/IEC 27001.

Certification of your ISMS shows your stakeholders that your company takes information security seriously and has a strong awareness of cyber risks.

Secure competitive advantages with ISO 27001 certification

  • Reduce your business and liability risks with the help of legally compliant data management

  • Protect the sensitive data of your stakeholders and sustainably increase their trust

  • Identify threats to your business and minimize them early on

  • Save money with the effective structuring of your ISMS according to ISO 27001 and firmly implement information security in your corporate structure

Your ISO 27001 certification at a glance

With the introduction and certification of your information security management system, you can effectively respond to legal requirements and customer demands relevant to information security. Benefit from the advantages of ISO/IEC 27001: The standard focuses on both the implementation of technical measures and the documentation that takes into account all relevant risks for the respective business operation. Together, these fundamentals and the interlocking of technical and organizational measures create a robust level of security.

Considering your individual situation and providing a holistic view of your company, ISO 27001 certification ensures the integration of the standard into the entire corporate structure for added advantages. A stakeholder and risk analysis helps you to identify and implement the measures you need to sustainably increase your information security. In doing so, your ISMS can be optimized and adapted in an agile manner.

  1. Information and preliminary audit (optional)
    Information meeting (by telephone or in person), on-site project discussion and preparation for certification including document review
  2. On-site certification
    Readiness analysis with assessment and review of the management system description, review of documented processes and optional post-audit (review of corrective actions)
  3. Audit report and evaluation
    Documentation of the audit and evaluation of the management system
  4. Certificate and seal
    After successful completion, you will receive your certificate and the DEKRA test seal (with a maximum term of three years)
  5. First surveillance audit
    A surveillance audit of the practical implementation is conducted every twelve months
  6. Second surveillance audit
    Repeated auditing of the practical implementation of the management system
  7. Recertification
    Three years after initial certification, steps 2 to 6 are repeated for the recertification audit

For a time-saving and smooth certification process, you can prepare yourself by:

  • Determining the scope of the ISMS
  • Defining information security policy and objectives
  • Developing a risk assessment and risk treatment methodology
  • Creating a Statement of Applicability
  • Preparing a risk treatment plan and risk assessment report
  • Defining security roles and responsibilities
  • Creating an inventory of assets
  • Ensuring acceptable use of assets
  • Defining policies such as those for access control according to Annex A of ISO/IEC 27001

ISO 27001 is a leading international standard, and certification to it is considered to be one of the most relevant in the field of cyber security. Applicable to any company regardless of size and industry, the standard provides important guidelines for the planning, implementation, control and optimization of your information security.

Assessment parameters:

  • The establishment of an appropriate ISMS
  • The implementation of a mechanism for identifying risks, self-assessment, prevention and remediation of security gaps
  • The plausibility of the defined security levels of the processed information
  • The implementation of appropriate measures to ensure adequate information security

Your reliable and neutral partner for ISO 27001 certification

  • Benefit from the many years of experience of our experts in the field of information security and the certification of management systems.
  • Distinguish your information security management performance with our renowned DEKRA seal for strengthened customer trust.
  • Save time and money with our combined certifications with other management standards such as ISO 9001, ISO 14001 or ISO 45001.
