Security / Certificates
Security and data protection have the highest priority for SupplyOn. We continuously work to maintain our safety standards and to further enhance them in line with the constantly increasing requirements. In order to effectively manage security-related aspects, SupplyOn implemented a risk management system that meets the requirements of the following international standards for IT and cloud computing solution providers:
- ISO / IEC 27001 – International security standard that formally specifies an Information Security Management System (ISMS) (Certificate ISO 27001)
- ISO / IEC 27017 – Guideline for the implementation of generally accepted protective measures in cloud computing (Certificate ISO 27017)
- ISO / IEC 27018 – Guideline for the protection of personal data in cloud computing applications (Certificate ISO 27018)
Confidentiality, availability and integrity of customer information are of highest priority for SupplyOn. We have taken extensive measures to secure information with high and very high protection needs as well as data protection according to EU-GDPR Art. 28 (“Processor”) on the basis of TISAX (Trusted Information Security Assessment Exchange). TISAX is used by European automotive companies to provide a common information security assessment for the evaluation of suppliers and as an information exchange mechanism. Therefore, we follow the questionnaire of information security of the German Association of the Automotive Industry (VDA ISA). The SupplyOn assessment was conducted by an independent accredited audit provider. The result is exclusively retrievable over the ENX portal.