When ‘greater data security’ is no longer simply enough
The greater part of the work in respect of cyber-Wear’s TISAX certification has now been achieved. This represents a significant step for us as a business, and once again, we have embarked on completely new territory. Now, after long preparations, we have received the provisional certificate.How we can now guarantee top security, thanks to TISAX certification
Indeed, over recent weeks, I have spent a great deal of my time preparing the company for TISAX certification. But we’re now finally ready, and have achieved the greater part! The provisional certificate is in the bag. Preparations have been underway since September 2019. Now we only have to correct some minor deviations, but more of that later.
The automotive industry as our benchmark – for all our processes!
In future, the TISAX certification will set the fundamental standards for every single activity undertaken by the entire Cybergroup, and indeed worldwide. And where do higher standards apply than in the automotive industry? This certificate is especially important to customers in this sector, as it was in this sector that the certification originated.
Car manufacturers were the first to determine that higher security standards were essential for them, but also that it would be simply too much effort and expense for every single company to implement them. As a result, the VDA, The German Association of the Automotive Industry, recently got together and developed a set of security standards for the entire industry, based on ISO 27001. Members of the association, but also their partners, must observe these high security regulations relating to information security. In other words, VDA members only work more closely together with other businesses that are TISAX-certified. TISAX certification therefore provides us with precisely this opportunity to consolidate existing partnerships and at the same time to enter into new, strong and secure partnerships.
BUT: We don’t draw the line at our customers in the automotive sector. Because we now comply with this benchmark, this means that all our customers and partners benefit! The result is that in future, all projects for all our customers will enjoy the same security standards that apply to our customers Audi, Porsche, Ford and others in the industry! This means complete trustworthiness and knowhow from all employees, from IT personnel to warehouse operatives. While others are still grappling with the GDPR, we are already operating at a completely new level, and are once again setting new standards.
Unique in the industry!
Now that we have achieved TISAX certification, cyber-Wear is to the best of our knowledge the only company in the promotional materials and full-service sector that fulfils the extremely demanding TISAX security standards. When a company has to inspect and modify all its processes, every single individual is affected, and there is a whole lot of work involved for the people driving the process.
Security level far exceeds the usual GDPR standards
In order to get employees involved, I prepared and delivered specially adapted ISMS training sessions, in order to explain the relevant risks to them and raise their awareness of the issues. ISMS stands for Information Security Management System, and describes the checks an organisation needs in order to ensure that data is handled properly in respect of its confidentiality, availability and integrity. This covers all data, from product photos, videos, text, logos, prices and product information to contact details and personal data. These information security standards go far beyond the usual GDPR standards. We are aiming for certification level AL2 + data security. The management system will then also receive the appropriate certification. There are various organisations that offer TISAX certification. We decided upon TÜV Rheinland, which has also been one of our full-service customers for more than 10 years.
Combined knowhow and focused cooperation
As Quality Manager, I am already experienced in implementing management systems. At cyber-Wear, I have already successfully established a quality management system and environmental management system, in accordance with DIN EN ISO 9001:2015 and 14001:2015 respectively. However, the IT side of things was a completely new world to me. I therefore called in external support from ISMS Solutions’ IT consultancy. The cooperation with our IT partner AGIQON was particularly intensive, and without them, the project simply wouldn’t have been possible. Together we investigated how we could implement and monitor the processes and directives so they really do comply 100% with the required standards. As part of this process, we went through several internal audits together.
The entire workforce involved
It was also my job to provide instruction on these processes in such a way that, as well as raising awareness, calmness and security were also conveyed throughout the company during the process. My task was also to involve all employees and prepare them for any possible new aspects. As a result, implementation within the company ran completely smoothly and professionally. The feedback was consistently positive and constructive. Because we had already implemented two management systems, for the workforce it was just a case of expanding on the already high standards they were already accustomed to.
|