Flexperto has achieved the ISO27001 certification


Flexperto has achieved the ISO27001 certification

Flexperto has been confirmed as compliant with the standards required for the ISO/IEC 27001:2013 certification. The certification was awarded in August 2021.

The certification is a prestigious statement that recognizes the quality of corporate procedures in terms of information security: ISO/IEC 27001 is the only international standard that is subject to verification and it defines the requirements for information security. The standard is designed to ensure the selection of adequate and proportionate security controls. It indicates a process for establishing, implementing, monitoring, reviewing, maintaining, and improving the management of information security and privacy.

This result was achieved through several steps, beginning with the introduction and implementation of an ISMS in accordance with ISO/IEC 27001 in 2020. A data protection audit for Flexperto's Technical and Organizational Measures (TOM) was also introduced, with a completion without deviations in Q2 2021. Additionally, an internal revision was established and first audited in June 2021.

Flexperto has also achieved two Germany-specific certifications, IDW PS 880 and IDW PS 951.

The IDW PS 880 certificate refers to the auditing of accounting-related software products and supports the compliance with legal and regulatory requirements for companies in Germany. This auditing standard also provides guidelines for assessing the correctness and security of accounting using IT. In relation to this certificate, an IDW PS 880 audit with focus on MiFID II compliance of recording and archiving functions was successfully performed.

The IDW PS 951 certificate represents a recognised proof of the correctness of the services provided by the service provider and is regarded as a quality criterion and quality feature for distinguishing the provider from its competitors. In this regard, an Internal Control System (ICS) was implemented in 2020 and the IDW PS 951 audit for it was successfully completed in Q1 and Q2 2021. The IDW PS 951 certificate is equivalent to the international standard for Assurance Reports on Controls at a Service Organization, ISAE 3402. ISAE 3402 describes Service Organization Control (SOC) engagements, providing assurance to an organization's customer that the service organization has adequate internal controls. Both IDW PS 951 and ISAE 3402 audits can be regarded as SOC 2 reports.