An audit performed by a certification authority involves reviewing whether the measures that are in place meet the risk management requirements, whether they are applied as defined and whether they are documented accordingly. All this was checked successfully by the certification authority SwissTS. (current certificate, PDF)
We would also like to emphasize that successful information security depends on the location of the data and therefore the physical features of the data centre. A secure data centre, however, is just one small aspect of physical information security and, by itself, is no guarantee of ironclad information security. In our view, it would therefore be careless to have only the data centre inspected by the certification authority, which is why we decided to certify the entire company. This will allow Nine to ensure documented, seamless information security in line with ISO 27001:2013.
The strong focus of Nine on outstanding, customer-oriented services as well as the operation of high-availability managed platforms requires an ongoing, long-term adaptation of internal processes and quality management practices. In order to effectively anchor this continuous improvement process within the company, Nine has invested in its own Total Quality Management system. By attending the TQMi course in 2013, it was possible to efficiently set up the management system and integrate it into daily operations. The successful certification, also with the updated norm from 2015, demonstrates that the processes are well-established, continuously improved and that all requirements comply with the internationally recognised standard. Download here the current certificate.