Wiesbaden, in april 2019. Four years of ISO / IEC 27001: The first recertification audit by TÜV Saarland has confirmed the effectiveness of Futura Solutions´ Information Security Management System (ISMS) without deviations. It provides the structural basis for protecting confidential information, ensuring its integrity and improving the availability of information. The new ISO certificate is valid until November 2021.
The subject of the investigation covered the whole company including its organization. It encompassed all applications and processes required for the development and operation of the cloud solution. Multi-day on-site inspections, during which various process and work instructions were audited and tested for practical application, as well as individual interviews, have confirmed that the requirements of ISO / IEC 27001: 2013 certification are fulfilled without deviations. This will renew the certificate´s validity period until 2021.
IT security as value practiced
The ISMS is sustainably supported and accounted for by the management. “With this certification we prove that our organization and the processes – be it the planning, development, quality assurance or operation of our standard software – are subject to a systematic risk management. As an IT service provider, we have great responsibility for information security,” explains Managing Director Harald Schwadtke (in the picture on the left side). Systematic risk analyzes covering all areas of the company are carried out as part of Business Continuity Management on the basis of a pre-structured business impact and risk analysis. Recognized risks are evaluated according to a predefined method and then processed as part of the risk treatment and corresponding precautionary measures defined. “The extraordinary commitment of the management – not only in terms of scope and frequency of the coordination meetings with the IT security officer – needs to be emphasized. Mr. Schwadtke accompanied the entire audit personally,” confirms Holger Bohne, the responsible main auditor. “IT security is a practiced value and they do much more here than the norm requires.”
Transparency and structure
The central controlling body is the IT working group, which is headed by IT security officer Ingo Krischker. “For our internal audits, we follow an annual audit program. If findings from audits are made and measures inferred, a so-called management review and follow-up follows as part of the continuous improvement process,” Ingo Krischker (in the picture on the right side) , person responsible for preparing the recertification audit, explains .
In addition to the annual monitoring audits, a comprehensive audit for the recertification of ISO / IEC 27001: 2013 is scheduled every three years.
About Futura Solutions
Since 1997, Futura Solutions has been developing and operating innovative software solutions that connect people and their work flows. The workflow expert combines experience in developing cloud services and their secure operation with a broad SAP expertise. Over 60,000 users worldwide and across all industries are working with FUTURA<sup>®</sup> applications.<br />
In addition to medium-sized companies, its customers include 20 percent of the DAX30 companies, for which Futura Solutions has opened up new operational potentials in their procurement processes.</span></p>
Sabine Avella Salazar
Tel.: +49 611 33 460 430