Your browser is out of date

Internet Explorer is no longer supported. Please use a different browser to enjoy the website in better quality.

ISO 27001 Certification

Dependable information security with ISMS certification according to ISO/IEC 27001

Outdated technology, incorrect handling or infections with malware via the Internet can result in risks for digitally networked companies. Cybercrime, IT failures, espionage and data misuse are the consequences.

ISO/IEC 27001 certification provides you the opportunity to introduce a robust information security strategy to systematically meet the expectations of customers, legislators and industry.

The benefits you get from the ISO 27001 certification

  • Minimal business and liability risks, reduced costs

  • Protection of confidential data and information

  • Identification and reduction of threats to your business

  • Safeguarding customer trust and business partner confidence while boosting competitiveness

ISO 27001 Certification

About ISO 27001 certification

The introduction of an information security management system (ISMS) and our ISO 27001 certification help you comply with legal requirements and meet the needs of your customers. In addition to technical measures, ISO 27001 certification recognizes the importance of documentation associated with high-level information security management, which takes into account all relevant operational risks. The efficient and reliable interaction between technical solutions and organizational processes is needed to facilitate the robust level of security that is acceptable according to modern standards.

The ISO 27001 certification process involves a preparatory phase prior to the audit proper. These steps include:

Client's preparatory activities

  • Determining the scope of the ISMS
  • Defining information security guidelines and goals
  • Developing a risk assessment and risk treatment methodology
  • Preparing a declaration of applicability
  • Preparing a risk management plan and risk assessment report
  • Defining security roles and responsibilities
  • Creating a list of assets
  • Ensuring acceptable use of assets
  • Defining guidelines, e.g. for access control according to Annex A of ISO 27001

Certification audit implementation

If desired, the ISO 27001 certification process can begin with a preliminary audit prior to initial certification, in which the ISMS documentation is reviewed and checked for completeness and conformity to standards.

The ISO/IEC 27001 certification audit consists of a first stage for checking the ISMS documentation and determining whether the company is ready for certification (readiness analysis) followed by a second stage for testing the ISMS efficacy.

Our auditors document the audit in a report and evaluate your company's ISMS. In the next step, the certificate and seal are issued for a maximum term of three years. The first surveillance audit takes place within one year of the initial audit, and the second surveillance audit in the following year.

In the case of recertification, the certification process is repeated from the second stage (certification audit) to the second surveillance audit.

ISO 27001 certification process

Gain from our expertise

  • Our ISO 27001 certification enables you to upgrade your entire quality management policy.
  • Our experts have many years of experience in the field of information security and the certification of management systems.
  • The recognized DEKRA seal distinguishes your excellence in information security management and helps you gain competitive advantage.
  • Our comprehensive portfolio of services includes certification according to other standards, such as ISO 9001, ISO 14001 or ISO 45001.
  • Thanks to the compatibility of the ISO standard, combined certification is also possible.


Share page