usd AG Successfully Certified for DIN ISO/IEC 27001 and DIN EN ISO 9001

6. November 2019

For years we have been guiding our clients towards successful certifications – now we have switched roles to undergo these testing procedures ourselves. While we do not represent the image of the shoemaker who wears the worst shoes, it was still an intense experience to have our own information security and quality management systems put to the test by third parties.

Our colleagues in charge of the certification project, Hela Oueslati-Ehrenberg, Quality Manager and Senior PCI Assessor (photo left) and Tanja Misic, Information Security Officer and Senior Security Consultant (photo right), happily accepted our certificates today.

Tanja Misic summarizes the experience: “Anyone who works in the field of information security as a consultant and auditor has a special focus on how they deal with information security issues themselves. When assessing vulnerabilities, we also benefit from the excellent technical expertise of our usd HeroLab pentesters. For us, the certifications are really an expression of the high demands we place on ourselves and the work we do for our clients. I am pleased that we have successfully completed this step”.

As part of the combined audit , some departments were not only scrutinized in accordance with ISO/IEC 27001 but also the quality management requirements of DIN EN ISO 9001. Hela Oueslati-Ehrenberg comments: “We process highly sensitive data as part of our work as a PCI assessor. We are therefore subject to the highest requirements in terms of data security and the quality of our processes. The certification of our quality management system is a further step towards visibly meeting these requirements. It’s a good feeling to hold the certificate in our hands now.”

And because the photo is incomplete, we would like to thank Anne-Kathrin Kenessey, Managing Security Consultant, who has been instrumental in bringing our certification project to a successful conclusion and then went on maternity leave on the same day – that’s what we call timing. Thank you, Anne!

Also interesting:

usd PCI Best Practice Workshop 2021

usd PCI Best Practice Workshop 2021

For many years, the usd PCI Best Practice Workshop has brought together responsible PCI personnel from companies of all sizes and from all industries to discuss current topics from the world of payment card industry together with PCI experts from usd. The interactive...

3 Reasons for a Cloud Security Audit

3 Reasons for a Cloud Security Audit

Outsourcing applications and data to the cloud brings significant benefits for companies, but at the same time also new challenges for the corresponding IT departments. The technologies and processes of a cloud environment differ from those of local data centers....

usd HeroLab Top 5 Vulnerabilities 2020: SMB 1.0 & SMB Signing

usd HeroLab Top 5 Vulnerabilities 2020: SMB 1.0 & SMB Signing

During penetration tests our security analysts repeatedly uncover gateways in IT systems and applications that pose significant risks to corporate security. They increasingly identify the same vulnerabilities in different IT assets, some of which have been known for...

Categories

Categories