rexx systems has received ISO 27001:2022 certification and thus offers TÜV-certified information security for its customers.
ISO certification: rexx systems offers TÜV-certified maximum information security
Following a successful audit by TÜV Nord, rexx systems is now officially certified according to ISO 27001:2022 for its management systems – and is one of only a few companies in Germany to do so. This seal of approval for a high level of IT security also applies to the sister companies rexxact and HRexcellent.
The rexx group of companies has always set high IT security standards, not least for the benefit of its more than 3,000 customers, and after a successful audit by TÜV Nord, it received the highest award for information security management systems (ISMS) with certification in accordance with ISO/IEC 27001:2022. The ISO 27001:2022 standard also includes the requirements for the assessment and treatment of risks in the area of information security.
Audit confirms high level of IT security
The International Organisation for Standardisation, or ISO for short, has drawn up regulations for the inspection and certification of companies in addition to the regulations for setting up and operating management systems for information security. These standards of the 27000 series are internationally recognised and the same worldwide.
For certification at this level, the certifier must be accredited by a national accreditation body (DAkkS in Germany). This ensures that all ISO regulations are implemented correctly. For this reason, rexx systems turned to TÜV NORD CERT GmbH for certification. As a certification body, it carried out a successful audit on the basis of its accreditation with the DAkkS.
The audit report with the number 3535 6234 also includes the latest version 2 from April 2024 of the certification according to ISO 27001 and is valid until March 2025 according to the ISO statutes. The scope of the information management system also includes the sister companies rexxact GmbH and HRexcellent GmbH, which are also based in Hamburg.
The foreign subsidiaries rexx systems GmbH Austria and rexx systems Schweiz AG are obliged to comply with the rules of rexx systems GmbH in accordance with ISO in accordance with their guidelines.
Safety awareness is part of the rexx DNA
The scope also includes sales, consulting and development of all software solutions in the areas of human resources (HR), applicant management, talent management and CRM. The latter is a particular strength of rexxact.
‘The ISO 27001 certification is essential in our more than 20 years of company history, but confirms that we have always focussed on the highest IT security standards. These are practically part of our DNA and also that of our employees. To remind them of this and keep vigilance high, we have already drawn up new information security guidelines in May 2021 and we are also willing to enforce this policy. But IT security starts with us at C-level. We have to set a good example,’ says Norbert Rautenberg, who founded rexx systems in 2000 and has since become one of the market-leading HR software providers in Germany as Managing Director.
All pulling in the same IT security direction:
Data hosting in Germany
The certificate is used by rexx systems to implement the information security management system (ISMS) and the following objectives:
- Maintaining and protecting the image of rexx systems, rexxact and HRexcellent
- Fulfilment of all legal requirements
- Minimising damage in the event of incidents that jeopardise IT security
- Increasing the resilience of the company and its processes
- Compliance with protection goals in terms of availability, integrity and confidentiality
- Information security as a task and duty of all employees
Data security and data protection in accordance with the GDPR, which has been binding throughout the EU since May 2018, are so important to rexx systems that the company is one of the few providers in the market to have its own HR software certified. This is another reason why more and more companies are placing their trust in the expertise and software products from rexx systems, rexxact and HRexcellent.
Our ISO 27001:2022 certification -
Your advantage in terms of security
In today’s digital world, information security is essential. As your trusted software provider, we are pleased to announce that we have achieved ISO 27001:2022 certification – an exceptional milestone that sets us apart from many other providers in Germany.
Why is ISO 27001:2022 certification so important?
Highest security standard:
ISO 27001:2022 is the internationally recognised standard for information security management systems. This certification confirms that we comply with the highest standards in the area of information security. You can rest assured that your data is safe with us.
Updated threat landscape:
The 2022 version takes into account the latest developments in the threat landscape, including new attack vectors and methods used by cybercriminals. This makes it better suited to defence against current security risks.
Advanced cloud security:
With the increasing use of cloud services, the new standard has included more stringent requirements for the security of cloud environments. This includes specific measures to protect data in the cloud.
Integration of new technologies:
The 2022 version takes into account advances in technologies such as artificial intelligence and the Internet of Things (IoT). The standard ensures that security measures are appropriate for these technologies and cover their risks.
Rigorous review and continuous improvement:
Our systems and processes have been comprehensively tested and fulfil the strict requirements of ISO 27001:2022. The new standard places even more emphasis on the continuous monitoring and improvement of information security measures. This ensures that organisations not only carry out one-off checks, but also continuously develop their security practices.
Trust and transparency:
Our certification offers you transparency and trust. It shows that we take information security seriously and take proactive measures to protect your sensitive data.
Adaptation to legal requirements:
ISO 27001:2022 reflects current legal and regulatory requirements, including the GDPR and other data protection laws. This helps companies to achieve and maintain compliance more easily.
Risk management:
There is a refined methodology for assessing and addressing information security risks that helps organisations to develop a more precise and effective risk management strategy.
Greater involvement of company management:
The new standard emphasises the need for greater involvement of company management in information security management, which leads to a better security culture and greater commitment at all levels.
For you as a customer, our ISO 27001:2022 certification means that you are working with a partner that guarantees the highest security standards and takes proactive measures to protect your data. At a time when data security is more of a focus than ever, we offer you the certainty that your information is in the best hands with us.
