The Semantic Web Company (SWC) is proud to announce that the Information Security Management Systems (ISMS) of the company have been certified according to the standard ISO 27001:2013 by CIS – Certification & Information Security Services GmbH.
At SWC we believe that the security of all of our information assets is of extreme relevance both for the company – as a leading provider of graph-based knowledge technologies – as for our customer base of Global 2000 companies.
A Systematic Approach for Information Security Management
Maintaining an effective Information Security Management System (ISMS) is essential to increase trust from our customers towards SWC’s products and services. Our ISMS includes people, processes and IT systems of our organization as well as its activities and the following products and services:
- PoolParty Semantic Technology Suite
- PoolParty Cloud Service, Professional Services
- PoolParty Training & Transfer
- Taxonomy Management & Knowledge Engineering
- PoolParty Development
- Linked Data Strategy
Security-Oriented Corporate Culture
Our corporate culture supports information security and is part of our DNA, the reason why we have always complied with the security requirements of our customers.
Employee awareness of information security impact and risks on business performance is fundamental. That is why SWC employees must comply with all policies of Semantic Web Company. Our information security team creates standardized requirements for the security process and ensures sufficient awareness and education of all employees.
Security Council
All organizational units at SWC have a representative assigned in the Security Council, in which the essential guidelines and work is coordinated. In particular, an overall safety concept has been developed in a security forum and is submitted to management for approval.
Through appropriate technical, organizational and infrastructural measures, access to sensitive systems, security zones and critical infrastructures as well as access to critical information and applications are controlled and only authorized for authorized persons.
Access and access authorizations are only granted and withdrawn as required after formalized application procedures. Employees of SWC have received special security rules for the respective workplace, which in particular include a reporting obligation for security incidents.
Security training, where attendance is mandatory, are managed for all employees.
SWC management is actively supporting the security organization and the security process.
Conclusion
SWC follows the ISO 27001:2013 standard and has implemented the management elements of this standard. These include the performance of regular internal audits, appropriate control of documentation and records, management evaluation and the application of the continuous improvement model (PDCA).
The ISO 27001:2013 certified ISMS helps PoolParty Semantic Suite to stay the most complete and secure semantic middleware on the global market.