Skip to main content

Optimally protected company values: tecRacer is certified by TÜV Süd according to ISO/IEC 27001:2017!

The information management system (ISMS) for the area of conceptual design, implementation and operation of AWS cloud infrastructures of tecRacer GmbH & Co. KG was certified according to ISO/IEC 27001:2017 in February. The accredited certification body was TÜV Süd. 

The tecRacer GmbH & Co. KG (tecRacer), a member of the Amazon Web Services Partner Network since 2012 and an AWS Premier Tier Services Partner, set the course for the emergence of an information management system (ISMS) at the end of 2021. The aim is to proactively protect all internal and external company assets, such as customer data, trade secrets and tangible knowledge, and to comply with legal and contractual regulations. Customers, partners and employees of tecRacer should be able to rely on the procedures and rules for information and data security.

In February, TÜV Süd handed over the certificate to tecRacer for the area of conceptual design, implementation and operation of AWS cloud infrastructures.

The ISO/IEC 27001 standard:
Information Security Management System (ISMS) is a systematic approach to managing information security within an organization. It involves monitoring, reviewing, and controlling processes and procedures to ensure that all of the organization’s information assets are protected. An ISMS typically includes a risk assessment, definition of security policies and monitoring processes, and procedures for reviewing, monitoring, and continuously improving information security. Implementing an ISMS helps the organization improve its information security and increase the protection of data and systems.

Philipp Marx, Information Security Officer, led the coordination effort and supported employees as the ISMS emerged.

“The implementation of our ISMS required a lot of commitment and support from all employees involved. Through constructive collaboration, we were able to effectively meet the requirements of the standard while improving our internal processes. We will continuously work to optimize our security processes and procedures to ensure the security of organizational assets and strengthen the trust of our customers.”
Philipp Marx, Information Security Officer, tecRacer Group

Certification process:
The initial certification consists of a two-step process conducted by an external auditor. First, it is determined whether the company is eligible for certification, i.e. whether all the requirements of the standard have been formally implemented. In the final audit, an assessment is made as to whether all the requirements of the standard previously identified as relevant have been met. Following this and, if necessary, after any existing non-conformities have been rectified, the company is awarded the certificate.

“As an IT service provider, we are aware of the importance of a functioning information security management system. In the environment of cloud architectures, particularly strict security specifications are required, which are also requested by our customers for further cooperation. By being certified to ISO/IEC 27001, which is not yet a standard in our industry, we can show that we meet these requirements.”
Torsten Höpfner, Co-Founder and Managing Director, tecRacer Group

Before the end of 2023, tecRacer would like to expand the scope to include “development, setup and operation of Amazon Connect” and plans to add “planning, implementation and completion of software projects” in 2024.