TÜV Rheinland has certified the Information Security Management System of the oraise Group in accordance with the internationally recognised ISO/IEC 27001 standard. The official certificate transfer took place in July 2017 in Frankfurt am Main. Ralph Freude, head of the ict business line at TÜV Rheinland, officially handed over the ISO/IEC 27001 certificate to Manuel Räber, Managing Partner and Torsten Ewald, ISMS coordinator of the oraise Group.
With the transfer of the ISO 27001 certificate, TÜV Rheinland validates the pioneering Information Security Management System (ISMS) of oraise for operating procedures in business processes involving managed services (this includes hosting, IT services and the in-house service desk), as well as software development.
Torsten Ewald, ISMS coordinator at oraise, emphasises, “Receiving the certificate is not an end goal for us, but rather a milestone. The aim is to maintain and further develop the security level over the long term in order to ensure the highest level of transparency and security for our customers and partners. In the future, this also means that all oraise employees will have a thorough understanding of our security guidelines and be able to implement them on a daily basis. We therefore accept the certificate on behalf of all our colleagues who have contributed to reaching this milestone over the last few months. The ISMS can only be effective within the company if all employees are equally aware of how important the system is.”
Manuel Räber, Managing Partner of oraise, adds: “As an IT service provider in the financial sector, our customers expect a professional partner that complies with the strict requirements of the Banking Act, as well as the requirements of MaRisk, particularly with regard to services classified as essential outsourcing. An ISMS established within the company is a critical component. In terms of our customers, the objective measurement and evaluation of our services is a great advantage. They see us as a reliable partner who sets high standards and expectations for itself. This has now been officially confirmed by external auditors as part of the ISO 27001:2013 audit.”