Würth IT GmbH has been conducting security checks within the Würth Group for some time now. Within the scope of this check, the information security in the individual companies is checked for conformity with “best practices” and internationally accepted standards.
In order to prove that our service is subject to continuous quality which strives to achieve a higher level, a Certification Body was established in the Competence Center Security and based on EN45012/BS7799 (new: ISO/IEC 27001), was accredited in 2001 as one of the first companies in Germany by the German Accreditation Counsel (new: National Accreditation Body for the Federal Republic of Germany).
With this accreditation, we are authorized to certify and issue accredited certificates for information security management systems based on the ISO/IEC 27001 (similar to a quality management system according to ISO 9000) and on the "IT-Sicherheitskatalog" of the Bundesnetzagentur (German Federal Network Agency). The advantage of this is obvious. Such a certificate is internationally recognized and thus, creates confidence and trust with the business partners from both the customers and the suppliers.
The certification process and the final certificate should serve as proof of a company-wide functioning information security management system.
In order to ensure the certificate remains valid, the certification body must conduct a monitoring (or follow-on) audit every year and a re-certification audit every three years. During the year the re-certification audit is conducted, the monitoring audit will not be conducted.