Since the end of 2019, mgm technology partners has implemented an Information Security Management System (ISMS)
The first ISO/IEC 27001:2013 certification took place at the beginning of 2020, and recertification to ISO 27001:2017 has since been completed.
This makes mgm part of a still small group of organisations that have established an ISMS according to ISO 27001. According to the official ISO 27001 statistics*, as of the end of 2019 there were only 1,175 valid certificates in Germany (for just under 2,100 company locations), while worldwide there were 36,363 certificates (for 68,930 locations). By comparison, there were just under 48,000 valid certifications for the quality management standard ISO 9001:2015 throughout Germany (worldwide: around 883,000).
The management team and a few specialist departments started to consider the idea of developing an ISMS and striving for ISO 27001 certification from an independent body back in January 2019. The standard is perfect for mgm in two ways.
- Firstly, mgm is a technology company, with teams developing complex business applications, sometimes in highly sensitive areas. The company therefore already has a keen interest in clear processes for secure working environments – this is entrenched in the organisation.
- Unlike many other standards, ISO 27001 does not prescribe a rigid list of processes and measures, but focuses on the individual and also changing risks of an organization - efficiently and effectively for mgm as a growing company.
The ISMS has been in place from the beginning for the Munich North (headquarters), Leipzig and Hamburg locations, as well as for mgm security partners at the Munich North location. New: With the recertification, the Dresden location was also certified for both mgm technology partners and mgm security partners. The expansion to further locations and mgm companies is being planned.