Aebi Schmidt Group is now ISO 27001 certified

ISO 27001 is the internationally recognised standard for an information security management system that helps organisations to protect sensitive data and systematically manage risks in the handling of information. After almost a year of preparation, our group recently successfully passed the audit and is now ISO 27001 certified.

The handling of information and data is becoming increasingly important in an increasingly networked and data-driven world. Whether from a technical, legal or ethical perspective - viewing and analysing data from different angles is essential in order to both leverage? opportunities and minimise risks. An essential building block for this is an IT security management system that complies with internationally recognised standards and best practises.  

The management of IT security issues affects all employees 

An interdisciplinary project team, divided into five thematically differentiated working groups and additional teams, spent around ten months analysing and defining the processes. The process definition is also accompanied by a general increase in IT security, which is both in the Group's own interests and is increasingly being demanded by customers. The Aebi Schmidt Group put a new Cyber Defence Center into operation in April 2024. The centre is providing protection around the clock in collaboration with a specialist partner. The management system also focuses on continuous training for all employees. Successful IT security management only works if all employees recognise their own role in the secure handling of information and data. 

Posters in all the languages of the Group's locations are used to raise employees' awareness of how to deal with IT risks.
Posters in all the languages of the Group's locations are used to raise employees' awareness of how to deal with IT risks.

IT security is not a sprint, but a marathon  

The successful ISO 27001 certification is undoubtedly an important milestone that demonstrates our Group's commitment and expertise in the area of information security. However, certification is not the goal, but rather the framework for an ongoing process. Information security is not a state, but a dynamic challenge that requires continuous attention and adaptation. The risks and threats in the digital world are constantly changing: new technologies, legal requirements and changing business processes require flexibility and proactive action. Accordingly, the now certified management system provides for regular internal audits as well as ongoing awareness-raising within the organisation.   

The basic security standards have now been implemented and certified throughout our Group. The sites in Holten, Wageningen, Peterborough, St. Blasien, Katowice and Zurich have been formally certified. The ISO 27001 certificate confirms that the Aebi Schmidt Group has identified information security risks and implemented measures at critical points to prevent cyberattacks and data breaches and to minimise risks in general. 

> Also read the interview with Dario Stöckli, CISO Aebi Schmidt Group, to learn more about the challenges, success factors and the future of the newly certified IT security management system.