As an IT consulting company, Softline AG works within the framework of our customer projects on the basis of processes that are oriented towards ISO 9001. This underlines the high quality standards we demand of our services. Of course, we also demand the same from ourselves and, not least, from our internal information security. In addition to ISO 9001, we also have ISO/IEC 27001 certification, which confirms that we meet the requirements for an internal information security management system (ISMS) according to internationally valid and recognised standards.
ISO 9001 is an international standard for quality management systems and specifies the requirements for such systems. A quality management system (QMS) is a collection of guidelines, processes, documented procedures and internal rules. The clear definition, mapping and monitoring of processes is the focus here. A QMS should meet customer satisfaction as well as legal and regulatory requirements. ISO 9001 provides the basis for such a QMS. The advantages of a QMS for a company are potential increases in efficiency and competitiveness in the market, as the quality of the company can be proven by certification bodies, thus creating trust with the customer.
The international ISO/IEC 27001 standard contains the requirements for the establishment, implementation, maintenance and continuous improvement of an information security management system (ISMS) in organisations. The focus is on the protection of confidential information as well as the integrity and availability of information. With certification, companies can prove that they meet the requirements of information security and thus create trust with business partners.
The “Trusted Information Security Assessment Exchange” certification is an information security certification. It is based on the standards of the German “Verband der Automobilindustrie” (VDA) for Information Security, in short the VDA ISA and the international standard ISO/IEC 27001. In addition to the main module Information Security, it includes the three optional modules Data Protection according to GDPR, Prototype Protection and Third Party Connection. The ENX Association acts as a steering body for the testing service providers who can carry out the TISAX audit. This certification is particularly relevant in the automotive industry, for its suppliers and for marketing companies.