avodaq AG receives ISO 27001 certification

What the certification means for customers and partners

The certification proves that avodaq AG applies the ISO/IEC 27001 standard and the associated tasks and obligations towards customers, contractual partners, service providers, authorities and other third parties. With the protection goals of confidentiality, integrity, and availability, avodaq reaffirms its commitment to information security and data protection at all levels of the company. The ISMS is managed and certified from the company headquarters in Munich and the Hamburg branch.

As part of the certification process, further security measures were implemented to identify, evaluate and minimize potential risks. These include, among other things, our access control system, the regular review of security guidelines and the awareness of employees for the security of information and data.

“The successful ISO 27001 certification is an important step for our company,” says Marc Schmidt, COO of avodaq AG. “It proves that we have mature security measures in place and can offer our customers the highest level of confidentiality, integrity and availability of their data.”

“We rely on the most modern technologies, approved standards and well-established processes to ensure the security of our confidential data, but especially that of our customers and partners,” adds Stephan Guhl, Deputy Information Security Officer (ISB) and Director Technical at avodaq AG. “The ISO 27001 certification confirms that we are continuously improving our processes and policies and can adapt them to the constantly changing threats.”

The protection goals of avodaq

avodaq AG is committed to the protection goals of confidentiality, integrity, and availability. The measures introduced to achieve these protection goals are constantly monitored, their effectiveness checked and improved by means of a risk-based information security management system (ISMS). The ISMS helps to implement the legal requirements of data protection and information security. The protection goals in detail:

Ensuring the confidentiality of sensitive data
Information must not get into the wrong hands, but only be accessible to those employees who need access because of their tasks. Information must also be protected from unauthorised access by third parties.

Ensuring the integrity of all relevant data
The information available to avodaq is not allowed to be falsified. This applies to both the information itself and some metadata, e.g., how old the information is and who it came from.

Ensuring the availability of relevant processes and systems
The information must be available in the correct form and in the relevant information-processing systems whenever it is needed by authorised employees.

With the certification of the ISMS according to ISO 27001, avodaq AG confirms its status as a digital business partner that fulfils the required obligations in terms of information security towards customers, contractual partners, service providers and authorities.

Photo caption: After successful certification by TÜV Rheinland: IT Manager André Knieper, Project Manager Eva Milena Winkler and COO Marc Schmidt (from left to right) with the ISO 27001 certificate.