You can also find our certificate on IAF CertSearch, the largest global database for accredited certifications:
Knecon AG – IAF CertSearch
The knecon management is aware of its responsibility towards its customers, partners, and employees. In order to strengthen our position as a data-driven technology provider in different industries (e.g. crop science, financial services, etc.) with our solutions (e.g., FForesight, RedactManager, etc.) and to attract new customers, our management has decided to implement an Information Security Management System (ISMS).
Our ISMS was implemented on October 1, 2021, and is based on the following international standards:
- ISO 27001 – Information Security Management Systems (https://www.iso.org/standard/27001)
- ISO 27018 – Code of Practice for protection of personally identifiable information (PII) in public clouds acting as PII processors (https://www.iso.org/standard/76559.html)
- ISO 27038 – Specification for digital redaction (https://www.iso.org/standard/44382.html)
We are driven by the opportunity to process sensitive data in mission-critical processes of major international companies. As a partner in the digital transformation of these companies, particularly the automation of data analysis and processing, additional challenges typically arise at the information security and governance levels. We address these through our management systems and processes.
Our management relies on awareness-raising and intrinsic motivation of our employees. We promote a culture of commitment, personal responsibility and respect towards all business contacts. Each employee must be aware of the importance of the Information Security Policy and understand their role in achieving our information security objectives.
In the wake of our growth, B-level management takes responsibility for achieving our objectives. For this reason, the B-level management is made particularly aware of the defined objectives and will be expanded as necessary. These objectives must be specific, measurable, agreed, realistic, and time-bound (S.M.A.R.T). In terms of content, the objectives to be attained by the security officers shall be clearly related to achieving the information security objectives and aim at the continuous improvement of information security. Even employees for whom no specific information security goals have been defined must assume greater responsibility.