July 2018: The nbsp Holding GmbH with its subsidiaries nbsp GmbH, SiteFusion GmbH, danubius GmbH and cyberstack GmbH can now call themselves as “Certified according to ISO 9001:2015 and ISO / IEC 27001: 2013”. DEKRA confirms this with the successfully passed audit including two standards in the areas of quality management and information security.
After more than sixteen busy months for the IMS team consisting of Michael Bauer (ISB), Antja Köstlinger-Zumpe (QMB) and Karl-Heinz Blenk (Head of IT) as well as the whole staff, the employees of nbsp Holding GmbH and especially the owner Mario Kandler are very proud of the successful audit according to ISO 9001: 2015 and ISO / IEC 27001: 2013.
There was no stone left unturned inside of the company over the course of the certification: In addition to the process optimizations across all firms and departments – from sales to project implementation to product development and hosting – also “physical” optimizations were made, such as the introduction of an access concept for entering the building.
An important part is, among other things, the improvement management, which intervenes with ongoing improvements as well as with any any information security events and weaknesses: Each individual employee is integrated within the scope of improvement management and is able to continuously improve processes and information security of the entire enterprise.
Another very important issue was the creation of a risk assessment. Over a hundred potential risks, ranging from potential security vulnerability in the program to the violation of personal data to a fire in the data center were evaluated and assessed. A catalog of measures was developed to avoid said risks of the risk assessment.
“The introduction of an Integrated Management System (IMS) in conjunction with the appropriate software is a great achievement for all of us. While we have been using ISO 9001 for more than ten years now and have reissued it for all companies associated with the group, the introduction of ISO 27001 has linked the existing quality criteria with the aspects of information security.Today, topics such as IT security and the protection of information and data are more important than ever – with the appropriate qualification, we are creating an important milestone in order to be able to offer our customers not only professional but above all secure software and services.” said Mario Kandler.