ISO/IEC 27001:2013 - the internationally recognized information security standard
ISO/IEC 27001:2013 is an internationally recognized information security standard that provides a framework for the security of information, a secure operation of an Information Security Management System (short: ISMS). An Information Security Management System - ISMS for short - defines rules and methods to ensure information security in a company. With an ISO certification according to ISO/IEC 27001:2013, we can guarantee our customers state-of-the-art information security.
The reliability of company-related information processing is of strategic importance for secure business transactions and forms the basis of many decision-making processes. It is essential to protect the information in the atrify's sphere of responsibility. This is where we generally protect against unacceptable and improper use, misuse, disclosure, alteration, loss and destruction and pursue the objective of ensuring sufficient availability of information and information processing equipment such as servers.
Safe and responsible handling of data is our core business
A secure and responsible handling of data is our core business and the special sensitivity in handling information determines our daily business.
For this reason, atrify has decided to have this procedure certified and has established an Information Security Management System (ISMS) in accordance with the international standard ISO/IEC 27001:2013.
Further information on the standard can be found on the website of the International Organization for Standardization.
Scope atrify ISMS
An information security management system that manages all customer information under the control or ownership of atrify GmbH and is hosted in atrify facilities. The scope of the ISMS includes the facilities, technologies and processes used by atrify GmbH in its European facilities to process, manage and deliver product content to its international customers. In addition, the scope is defined taking into account the external and internal context of the organisation, the requirements of interested parties, such as customers and regulators, and the boundaries with third parties.
You can find more information on our blog.