NOVUM Cloud Platform got the ISO 27001 and ISO 27018 certifications
The NOVUM Cloud Platform (NCP) has been certified according to ISO 27001 with the scope "Deployment and operation of applications on the NOVUM Cloud Platform" since 2018. This certification is reviewed by an external auditor annually through a surveillance audit and must be renewed every three years through a recertification audit.
The first recertification audit now took place in February and March 2021, and NOVUM Cloud Platform passed it. This certification is an important sign for our customers and interested parties, and still not a matter of course in the market.
In the meantime, NOVUM-RGI has reached such a high level of maturity with its ISMS that the preparation and also the audit were feasible with reasonable effort. The auditing has developed a clear advisory character and serves to continuously improve the process quality and documentation, so it has real added value for the people and the company.
The scope has remained unchanged, but the certification has been extended to include controls of ISO 27018 (data protection for personal identifiable information (PII) in public cloud services) in addition to ISO 27001 (information security). In this way, NOVUM-RGI is documenting NCP's claim in terms of compliance and security even better for customers and also internally.