For many it is a must, for others a huge bonus
The information security management system is a construct that ensures the confidentiality, integrity and availability of data. The ISO 27001 certificate is an internationally valid certificate, which allows customers to expect careful handling of their data. As a result, customer confidence in the business partner increases. But ISO 27001 certification also has a significant effect on sales talks with potential new customers: potential sales barriers on the part of the customer may be overcome, as ISO certifications are an additional selling point.
The resulting benefit for business partners
Customers of Boom Software benefit on the one hand from an even more secure project management, and on the other hand from technical improvements of the developed software. In concrete terms, this means that sensitive company data and internal company processes in the applications are identified at an early stage and thus appropriate measures are taken within the project.
The path to ISO 27001 certification
Within the scope of the ISO certification, an internal company guideline and special guidelines were established in regard to data security. The main task in the course of the certification is the creation and implementation of an information security management system, which includes, among other things, technical and organizational measures that ensure information security to a high degree.
During the entire certification process, Boom Software relied on the expertise of a security consulting agency, which initially evaluated the current security status, conducted internal pre-audits and supported the company on its way to certification.
Which ongoing activities are necessary to maintain the certification?
The certification according to ISO-27001 requires a continuous development of the information security management system and its application.
Annual surveillance audits and three-year re-audits ensure the maintenance of the ISO-27001 certification.
"At Boom Software, positive internal side effects have become visible throughout the entire certification process. The attitude to sensitive data and the handling of this data is lived much more consciously by all employees", says Wolfgang Stürzl, information security officer at Boom Software.