• to handle customer data with high confidentiality and integrity,
• to meet the highest security standards in all company departments,
• to secure longterm business operations of SupplyOn,
• to minimize the risks of human failure or abuse.

SupplyOn AG, a provider of Internet services for the automotive and manufacturing industries, has received ISO 27001 certification in recognition of the company's continued compliance with the highest security standards across all areas of the company. It was three years ago that SupplyOn implemented a comprehensive information security management system, the successful introduction of which was confirmed when the company received BS 7799 certification. The new ISO 27001 standard covers all aspects of the BS 7799 certificate but also requires the introduction of a monitoring system for gauging the success of individual initiatives as well as a closer integration of outsourcers in the security concept. The most important outcome of these requirements is the guaranteed security of customers' data as it is exchanged and stored via the SupplyOn Internet platform.

Markus Quicken, executive board member for SupplyOn AG embraces the launch of the extended standard: "Transactions processed over internet platforms immediately impact core processes of all involved organisations. That's why comprehensive IT-security which covers all levels is of particular importance."

One important factor for ISO 27001 certification is the continuous improvement process. As part of this process, all security-related aspects are subject to a monthly internal audit, in which documented risks are taken into consideration and new ones are identified, evaluated and, where applicable, included in the list of risk reduction measures. Additionally, a monitoring audit takes place once a year.