Wiesbaden, January 2018. ISO / IEC 27001 is the leading international standard for information security management systems (ISMS). The second monitoring audit by TÜV Saarland has certified the effectiveness of the ISMS deployed by Futura Solutions without any deviations and is thus an important indicator for compliance with the forthcoming EU General Data Protection Regulation (EU-GDPR).
Besides reporting obligations and communication channels in case of an emergency, the areas regulated by ISO / IEC 27001 also include a comprehensive, basic emergency management or business continuity management that deals with threat scenarios, the so-called business impact, and possible risks. Aside from responsibilities, an ISMS also includes clearly defined workflows. The EU-GDPR points in the same direction: Companies are required to introduce a data protection management system – in future, they not only have to ensure that data protection regulations are observed, they must also be able to prove this.
“With regard to the new General Data Protection Regulation, our way of including the entire company within the scope of our ISO / IEC 27001 certification is now coming to fruition”, says Ingo Krischker, internal IT security representative. “Because a data protection management system builds upon an integral information security management system (ISMS) and includes verifiably documented processes related to personally identifiable information. Hence we have laid the foundation for our compliance with the EU GDPR”.
“Data protection and IT security are inextricably linked with each other. Both sides require a basis of sound analysis that identifies and determines the data flow in the company”, adds managing director Hartmut Schwadtke. “For us, this is a well-established practice conditioned by the ISO certification and our intensive preoccupation with the topic.”
Futura Solutions has been ISO / IEC 27001 certified since 2015. The certification covers the entire company, including organization, concept, software development, quality assurance, and the operation of the cloud-based FUTURA® solution. During the annual monitoring audits, it has to be proven through random sampling that the defined procedures and rules for information security are observed and continuously improved in day-to-day work. A more extensive, so-called re-certification will follow at the end of 2018. Upon successful conclusion, it will result in a subsequent re-issue of the certificate with a renewed validity period of three years.
About Futura Solutions
Since 1997, Futura Solutions has been developing and operating innovative software solutions that connect people and their work flows. The workflow expert combines experience in developing cloud services and their secure operation with a broad SAP expertise. Over 60,000 users worldwide and across all industries are working with FUTURA® applications. In addition to medium-sized companies, its customers include 20 percent of the DAX30 companies, for which Futura Solutions has opened up new operational potentials in their procurement processes.
Sabine Avella Salazar
Tel.: +49 611 33 460 430