Compliance of the management system confirmed by certification audit
Valid until 22. Oktober 2027
4. Context of the organization
Compliant
Innolytics AG demonstrates a clear understanding of the requirements related to quality and information security, the relevant legal and contractual obligations, and the market conditions that influence its operations. The scope and structure of the quality and information security management system comply with the requirements of ISO 9001 and ISO 27001.
|
Chapter 4.1: Innolytics AG takes into account internal and external issues related to quality and information security | Fully available |
|
Chapter 4.2: Requirements and expectations of interested parties are determined | Fully available |
|
Chapter 4.3: Innolytics AG has defined the scope of the quality and information security management system | Fully available |
|
Chapter 4.4: Innolytics AG has implemented its quality management system and its ISMS in accordance with the requirements of the standard | Fully available |
5. Leadership
Compliant
Top management at Innolytics AG is actively committed to quality and information security and makes key decisions to ensure compliance with relevant legal and contractual obligations as well as the continuous improvement of quality and information security performance.
|
Chapter 5.1: Leadership and commitment requirements are met | Fully available |
|
Chapter 5.2: Innolytics AG has defined and communicated a quality and information security policy | Fully available |
|
Chapter 5.3: Roles and responsibilities for quality and information security are defined and practiced | Fully available |
6. Planning
Compliant
Quality and information security objectives, risks, and changes are clearly defined and documented. Innolytics AG plans orders in a risk-aware and forward-looking manner. This helps prevent errors and reduce security incidents. Customers benefit from measurable performance and the reliable handling of sensitive information.
|
Chapter 6.2: Innolytics AG has defined quality and information security objectives and measures to achieve them | Fully available |
|
Chapter 6.3: Changes are organized in a structured manner | Fully available |
7. Support
Compliant
Innolytics AG ensures that quality- and information security-related tasks are supported by well-trained personnel, appropriate tools, and clear communication. This helps prevent errors and security incidents, ensures employee competence in handling quality and information security requirements, and reduces misunderstandings in the implementation of related measures.
|
Chapter 7.1: Innolytics AG systematically plans resources for quality and information security management | Fully available |
|
Chapter 7.2: Innolytics AG ensures that the necessary competencies for quality and information security are in place | Fully available |
|
Chapter 7.3: Innolytics AG creates awareness of quality and information security among employees | Fully available |
|
Chapter 7.4: Innolytics AG has clear communication structures regarding quality and information security | Fully available |
|
Chapter 7.5: Innolytics AG has securely documented the key foundations of quality and information security management | Fully available |
8. Operation
Compliant
Innolytics AG consistently implements the requirements of quality and information security management. Employees receive clear instructions for quality-conscious and secure working practices. Processes are stable, services reliable, and legal as well as contractual requirements are met. Information security risks are regularly assessed and effectively mitigated through targeted measures.
|
Chapter 8.1: Innolytics AG systematically implements the planning of its quality and information security management | Fully available |
|
Chapter 8.2: Innolytics AG meets the requirements for products, services, and information security assessment | Fully available |
|
Chapter 8.3: Requirements for development and the treatment of information security risks fulfilled | Fully available |
|
Chapter 8.4: Requirements for supplier management fulfilled | Fully available |
|
Chapter 8.5: Innolytics AG has implemented structures for the smooth execution of customer orders | Fully available |
|
Chapter 8.6: Requirements for the release of products and services fulfilled | Fully available |
|
Chapter 8.7: Quality defects are identified and rectified in a structured manner | Fully available |
9. Performance measurement
Compliant
Innolytics AG regularly evaluates the quality of its processes and identifies potential risks to information security, verifies compliance with relevant requirements through internal audits, and summarizes the results in a structured management review. This ensures that quality and security objectives are achieved, legal and contractual requirements are met, and both performance and protective measures are continuously improved – to the benefit of customers, partners, and the organization.
|
Chapter 9.1: Results are systematically reviewed and analyzed | Fully available |
|
Chapter 9.2: Regular internal checks and audits ensure consistent quality | Fully available |
|
Chapter 9.3: Innolytics AG conducts regular management reviews | Fully available |
10. Improvement
Compliant
Innolytics AG embraces the principle of continuous improvement in quality and information security management by regularly reviewing and systematically enhancing its processes. This enables customers to rely on consistently high service quality and a strong, steadily improving level of data protection.
|
Chapter 10.1: Innolytics AG ensures continual improvement and further development | Fully available |
|
Chapter 10.2: Innolytics AG meets the requirements for the treatment of nonconformities | Fully available |
|
Chapter 10.3: Innolytics AG continuously develops the management system | Fully available |
Annex A, 5
Compliant
Innolytics AG has implemented comprehensive organizational measures to embed information security within the organization. These include, among others, the introduction and regular review of an information security policy, the clear definition of responsibilities, the implementation of access control procedures, as well as the classification and labeling of information. Furthermore, inventories for information and related assets are maintained, contacts with relevant authorities and stakeholder groups are upheld, and measures for information security in supplier relationships are implemented.
Annex A, 6
Compliant
Innolytics AG has implemented extensive personnel-related measures to ensure information security. These include security screenings for new employees, the definition of responsibilities in employment contracts, as well as regular training and awareness programs on information security. Furthermore, formalized procedures such as a disciplinary process, clear responsibilities when terminating or changing employment relationships, and binding confidentiality agreements are in place. In addition, rules for secure remote work have been established and a reporting procedure for information security incidents has been introduced.
Annex A, 7
Compliant
Innolytics AG has implemented comprehensive physical measures to protect information and related assets. These include, among others, secured security perimeters and access controls, the physical monitoring of premises, as well as protective measures against physical and environmental threats. In addition, rules have been established for a tidy working environment, the safe operation and placement of equipment, the protection of assets outside the premises, and the secure management of storage media. Maintenance, cabling, and the secure disposal of equipment and assets are also regulated.
Teilen auf X
