DENIC attains ISO 27001 certification
The .DE registry and managing organization, DENIC, has taken another step towards sustainable security: On 10 October 2014, DENIC had its information and security management system (ISMS) certified in accordance with the provisions of the ISO/IEC 27001:2013 standard under a full-scope audit by the German certification body TÜV Nord. Covered by the audit were all the tasks, infrastructures and processes that are required to provide DENIC’s services of domain registration, name resolution and lookup services as well as its infrastructure services for operators of other name spaces.
"At DENIC, information security has always been of paramount importance and an integral part of all business processes. The certification according to the internationally recognized ISO/IEC 27001:2013 standard underscores the high-level implementation of our ISMS, which the auditors said to stand out by a large number of ‘good practices’," says DENIC CEO Dr. Jörg Schweiger. "The regular follow-up monitoring audits will assure ourselves, the members of our Cooperative and the Internet community that our business processes and our information security will consistently meet the high requirements of the ISO standard," adds Chief Information Security Officer Boban Krsic, who has established the Information Security Management System at DENIC and brought it to certification readiness, together with his team.
The audit was successfully completed on 10 October 2014. Next to a systematic holistic approach for controlling security-related processes across the organization, TÜV Nord attests DENIC full transparency and traceability of its processes as well as an information security risk management that is in compliance with the requirements of the ISO/IEC 27001:2013 standard.