Rutronik’s management decided last year to introduce a comprehensive information security management system (ISMS) to guarantee the security of the company’s data and that of its customers and partners at all times. To verify that the company successfully implemented the ISMS, Rutronik wanted the system to be tested and certified to the international ISO 27001 standard. This has now been completed.
“We are proud that our activities in the field of information security meet such high standards and that as a result we have proven that we are reliable partners to customers, suppliers, and employees,” said Marco Nabinger, head of IT/Security at Rutronik. “In this era of increasing digitization, every company must ensure that its information and data are secure. Increasingly frequent and targeted attacks, constantly evolving malware, and a virtually unlimited number of attackers with creativity and motivation that seems to know no bounds make handling information securely a top priority for management.”
Scope of the ISO 27001 Standard
The ISO 27001 standard is complex and consists of several components: information security policy, organization of information security, human resources security, asset management, access control, cryptography, physical and environmental security, operational security, communications security, system acquisition, development and maintenance, supplier relationships, information security incident management, information security aspects of operational continuity management, and compliance/conformity. To receive certification, all of these criteria must be fulfilled.