Compliance of the management system confirmed by certification audit
Valid until 25. September 2028
4. Context of the organization
Compliant
Webagentur Vanea demonstrates a clear understanding of the requirements related to quality and information security, the relevant legal and contractual obligations, and the market conditions that influence its operations. The scope and structure of the quality and information security management system comply with the requirements of ISO 9001 and ISO 27001.
|
Chapter 4.1: Webagentur Vanea takes into account internal and external issues related to quality and information security | Fully available |
|
Chapter 4.2: Requirements and expectations of interested parties are determined | Fully available |
|
Chapter 4.3: Webagentur Vanea has defined the scope of the quality and information security management system | Fully available |
|
Chapter 4.4: Webagentur Vanea has implemented its quality management system and its ISMS in accordance with the requirements of the standard | Fully available |
5. Leadership
Compliant
Top management at Webagentur Vanea is actively committed to quality and information security and makes key decisions to ensure compliance with relevant legal and contractual obligations as well as the continuous improvement of quality and information security performance.
|
Chapter 5.1: Leadership and commitment requirements are met | Fully available |
|
Chapter 5.2: Webagentur Vanea has defined and communicated a quality and information security policy | Fully available |
|
Chapter 5.3: Roles and responsibilities for quality and information security are defined and practiced | Fully available |
6. Planning
Compliant
Quality and information security objectives, risks, and changes are clearly defined and documented. Webagentur Vanea plans orders in a risk-aware and forward-looking manner. This helps prevent errors and reduce security incidents. Customers benefit from measurable performance and the reliable handling of sensitive information.
|
Chapter 6.2: Webagentur Vanea has defined quality and information security objectives and measures to achieve them | Fully available |
|
Chapter 6.3: Changes are organized in a structured manner | Fully available |
7. Support
Compliant
Webagentur Vanea ensures that quality- and information security-related tasks are supported by well-trained personnel, appropriate tools, and clear communication. This helps prevent errors and security incidents, ensures employee competence in handling quality and information security requirements, and reduces misunderstandings in the implementation of related measures.
|
Chapter 7.1: Webagentur Vanea systematically plans resources for quality and information security management | Fully available |
|
Chapter 7.2: Webagentur Vanea ensures that the necessary competencies for quality and information security are in place | Fully available |
|
Chapter 7.3: Webagentur Vanea creates awareness of quality and information security among employees | Fully available |
|
Chapter 7.4: Webagentur Vanea has clear communication structures regarding quality and information security | Fully available |
|
Chapter 7.5: Webagentur Vanea has securely documented the key foundations of quality and information security management | Fully available |
8. Operation
Compliant
Webagentur Vanea consistently implements the requirements of quality and information security management. Employees receive clear instructions for quality-conscious and secure working practices. Processes are stable, services reliable, and legal as well as contractual requirements are met. Information security risks are regularly assessed and effectively mitigated through targeted measures.
|
Chapter 8.1: Webagentur Vanea systematically implements the planning of its quality and information security management | Fully available |
|
Chapter 8.2: Webagentur Vanea meets the requirements for products, services, and information security assessment | Fully available |
|
Chapter 8.3: Requirements for development and the treatment of information security risks fulfilled | Fully available |
|
Chapter 8.4: Requirements for supplier management fulfilled | Fully available |
|
Chapter 8.5: Webagentur Vanea has implemented structures for the smooth execution of customer orders | Fully available |
|
Chapter 8.6: Requirements for the release of products and services fulfilled | Fully available |
|
Chapter 8.7: Quality defects are identified and rectified in a structured manner | Fully available |
9. Performance measurement
Compliant
Webagentur Vanea regularly evaluates the quality of its processes and identifies potential risks to information security, verifies compliance with relevant requirements through internal audits, and summarizes the results in a structured management review. This ensures that quality and security objectives are achieved, legal and contractual requirements are met, and both performance and protective measures are continuously improved – to the benefit of customers, partners, and the organization.
|
Chapter 9.1: Results are systematically reviewed and analyzed | Fully available |
|
Chapter 9.2: Regular internal checks and audits ensure consistent quality | Fully available |
|
Chapter 9.3: Webagentur Vanea conducts regular management reviews | Fully available |
10. Improvement
Compliant
Webagentur Vanea embraces the principle of continuous improvement in quality and information security management by regularly reviewing and systematically enhancing its processes. This enables customers to rely on consistently high service quality and a strong, steadily improving level of data protection.
|
Chapter 10.1: Webagentur Vanea ensures continual improvement and further development | Fully available |
|
Chapter 10.2: Webagentur Vanea meets the requirements for the treatment of nonconformities | Fully available |
|
Chapter 10.3: Webagentur Vanea continuously develops the management system | Fully available |
Annex A, 5
Compliant
Webagentur Vanea has implemented comprehensive organizational measures to embed information security within the organization. These include, among others, the introduction and regular review of an information security policy, the clear definition of responsibilities, the implementation of access control procedures, as well as the classification and labeling of information. Furthermore, inventories for information and related assets are maintained, contacts with relevant authorities and stakeholder groups are upheld, and measures for information security in supplier relationships are implemented.
Annex A, 6
Compliant
Webagentur Vanea has implemented extensive personnel-related measures to ensure information security. These include security screenings for new employees, the definition of responsibilities in employment contracts, as well as regular training and awareness programs on information security. Furthermore, formalized procedures such as a disciplinary process, clear responsibilities when terminating or changing employment relationships, and binding confidentiality agreements are in place. In addition, rules for secure remote work have been established and a reporting procedure for information security incidents has been introduced.
Annex A, 7
Compliant
Webagentur Vanea has implemented comprehensive physical measures to protect information and related assets. These include, among others, secured security perimeters and access controls, the physical monitoring of premises, as well as protective measures against physical and environmental threats. In addition, rules have been established for a tidy working environment, the safe operation and placement of equipment, the protection of assets outside the premises, and the secure management of storage media. Maintenance, cabling, and the secure disposal of equipment and assets are also regulated.
Teilen auf X
