ISO27001
Xyna Bulletin #26
Dear friends, partners, and customers of Xyna,
Let's begin this November newsletter with a brief look back at the recent history of information security: in the fall of 1993, the British National Computing Centre (NCC) published Public Document (PD) 0003: "A code of practice for information security management." This became the British standard "BS" 7799 Part 1, published by the British Standards Institution (BSI #1) in 1995. A few years later, this led to the development of ISO standards 17799 (now ISO 27002) and 27001, upon which the German Federal Office for Information Security (BSI #2) built its well-known "IT Baseline Protection" framework.
And that brings us full circle to the main message: GIP Exyr GmbH has recently been officially certified for ISO 27001 based on BSI IT Baseline Protection. 🥳
Enjoy the read!
::
GIP Exyr & ISO 27001
True fans of the bulletin will surely remember issue #18 from October 2024 – back then, we received the IT Baseline Protection Certificate as a preliminary step towards ISO 27001 certification.
And now the time has (finally) come – our audit team leader, Erik Gremeyer from ATM Consulting, has ceremoniously presented us with the certificate, thus confirming that the GIP Exyr GmbH information network complies with the standards and requirements of the BSI IT Baseline Protection for ISO 27001:2022:
The scope encompasses all business processes within the information network related to consulting, support, and development of software solutions for process automation [in telecommunications and other networks of the future].
A little anecdote: we are also expecting a certificate issued by the BSI – however, our esteemed Federal Office is far too understaffed. The geopolitical developments of recent years have also led to a (real) increase in awareness regarding IT security, and many companies are (rightly) aligning their internal IT systems with ISO guidelines and seeking certification. Aspects such as supply chain regulations, particularly in the critical infrastructure sector, also play a role. Well, we'll see – the audit was successfully completed some time ago, and the German Federal Office for Information Security (BSI) has received all the necessary documentation; therefore, it should only be a matter of days, weeks, or months before the process progresses to the next stage there as well.
For you, dear readers, this new status means that GIP Exyr GmbH is now formally ISMS-certified and thus ideally qualified as a supplier and partner, even for sensitive applications.