Jokey receives information security certification
Jokey Holding GmbH & Co. KG is further expanding its information security activities and has successfully completed the audit for certification according to ISO/IEC 27001:2013. The internationally recognised information security standard defines the framework for the secure operation and continuous improvement of a documented information security management system (ISMS).
ISO/IEC 27001 is the leading international standard for ISMS. It is considered the most important information security certification. With this certification, TÜV Rheinland confirms the successful implementation of Jokey’s ISMS in accordance with the standard. The central elements are confidentiality, integrity and availability of information and data. Elementary processes are clearly defined and standardised, and protection is guaranteed when handling sensitive data. The certification also provides clear guidelines for implementing, monitoring and improving information security at Jokey.
Two-stage audit
The initial certification according to ISO/IEC 27001:2013 requires a two-stage audit. Jokey successfully passed the first stage at the beginning of November 2020. TÜV Rheinland recognised the ISMS implemented at Jokey as certifiable. This is a prerequisite for admission to the second stage. Due to the coronavirus, this took place as a remote audit over four days at the beginning of December 2020 and included a detailed review of the reliability of the ISMS. The scope of the ISMS includes the provision of the IT infrastructure, IT support and ERP development by the IT department in Germany. All IT employees at the Gummersbach, Wipperfürth and Sohland sites involved in the above-mentioned activities are covered by the ISMS, as is the HR department of Jokey Holding GmbH & Co. KG.
A future-proof company needs reliable IT
“With the globally recognised information security according to ISO/IEC 27001, we at Jokey are sending a strong signal to our partners, customers, stakeholders and employees about the security of information, data and systems,” emphasises Marc Antrecht, CIO of the Jokey Group. Particularly in times of the global coronavirus pandemic, it has become clear that plastic packaging is part of a systemically important supply chain and that international trade networks depend on its reliable distribution to ensure the daily supply of the population. “As one of the leading manufacturers of plastic packaging, we must be able to rely absolutely on resilient information technology and its group-specific requirements in our plants as digitalisation increases. A stable ISMS not only builds trust internally and externally, it also protects us from unwanted interruptions or even targeted attacks,” emphasises Marc Antrecht. Jokey’s customised security concept is continuously updated and adapted to changes. The next step will be to identify information security-related topics in other areas of the company beyond the IT department. “The topic of information security is very extensive,” explains Sidney Engelberth, information security officer at Jokey. “That’s why we started by standardising and establishing information security-relevant processes in the IT department. This enabled us to create the basis for an extended application in other areas.”