ISO/IEC 27001

Internationally recognized certificate and seal of quality for information security

With digital progress, many opportunities for growth and efficiency have emerged – at the same time, system vulnerabilities of companies and clients are growing due to their increased interconnection. The implementation of ISO/IEC 27001 actively helps to protect corporate values, reduce risks in the domain of information and data security, and improve system availability.

A key aspect of ISO / IEC 27001 is the anticipatory identification of IT risks, their assessment and the implementation of appropriate measures to reduce threats. In addition to technical topics, organizational, physical and personnel issues, such as employee awareness and competence are included too.

Management system for information security

The core element is the introduction of an information security management system (ISMS). That implies a comprehensive, integrated and standardized management system – with specified rules and processes, which have the purpose of defining, routing, controlling, preserving and continuously optimizing information security within the company. It is a continuous process based on the plan-do-check-act method: Effectiveness must be reviewed on a regular basis by means of appropriate monitoring measures and changes affecting the scope of application must be taken into account. In case new risks are detected, a further process cycle is necessary.

It all depends on the scope of application

The declaration of applicability, i.e. the definition of the areas that are to be covered by the certification determines the complexity and the amount of work involved in the ISMS. We have opted for the maximum scope of application. Not only parts, but the entire company is subject to the certification requirements. Our organizational and conceptual departments as well as development, quality assurance and the operation of the FUTURA-cloud are all ISO-certified. Our ISMS is managed and fully supported by our executive board. On a “remarkably high level”, as the current audit by TÜV Saarland has pointed out.

ISO/IEC 27001 covers the following subjects:
  • Information security policy Classification of information and monitoring of corporate values, access control, management of communication and operations, compliance with legal and contractual obligations
  • Physical and ambient security Security of facilities and equipment, software development and maintenance of IT-systems
  • Business Continuity Management (BCM) Business impact analysis of critical business functions, emergency management

TÜV Saarland is accredited by the DAkks (German accreditation body) and has the authority to certify information security management systems as per ISO/IEC 27001.

– > for more information visit


The DAkkS is the national accreditation body of the Federal Republic of Germany and offers one-stop accreditations for all areas of conformity assessment. The process of accreditation builds trust in certificate conclusions, audit reports and inspections and also promotes their worldwide recognition and comparability. With its accreditation, the DAkkS confirms that the accredited body is fulfilling its tasks expertly and according to applicable regulations. In short: The DAkkS is auditing the auditors.

-> more about the German accreditation body


Portrait Sabine Avella Salazar
More company information?

Sabine Avella Salazar, Marketing Manager
by e-mail to
or if you wish by phone +49 611 33 460 300

Your direct line to us

A FUTURA-expert will gladly answer your questions
+49 611 33 460 300


More information needed? Please don´t hesitate to contact us

User help

You need help? Our support-team will help you gladly
+49 611 33 460 460