Recertification of Thinkproject’s IT solutions, services, and locations
Thinkproject has re-audited its comprehensive information security management system (ISMS). The latest assessment proves that Thinkproject continues to consistently comply with the strict guidelines of ISO/IEC 27001:2013.
The assessment was carried out by TÜV Rheinland. The global testing service provider carried out a comprehensive analysis of all Thinkproject’s business operations.
The audit included solutions within Thinkproject, as well as various locations. The ISO 27001 compliance of the subsidiaries in Germany as well as the subsidiaries in Austria, France, Spain, New Zealand, the Netherlands, and the United Kingdom was confirmed once again. A new addition is India, which underwent the audit for the first time and immediately received certification.
ISO/IEC 27001 certification: For the digital transformation of the industry
As part of the ISMS recertification, TÜV Rheinland examined all relevant business processes of Thinkproject in the areas of product management, product development, operations, sales, software configuration, customer support, internal IT, user management, and administration. ISO 27001 compliance is even more relevant today due to the digital transformation in the construction industry, with more and more software solutions such as Common Data Environments in use which contribute significantly to increasing quality and productivity in construction projects.
These software products handle complex information processes in the context of information management. “Of course, this results in new challenges in terms of information security,” explains Dr. Ralf Hundhammer, Chief Technology Officer (CTO) of Thinkproject. “Companies in the construction industry entrust us with their most valuable asset – their data. They must be able to rely on the fact that we, as a software provider, have taken the necessary technical and organisational security precautions,” says the CTO.
“This is exactly what the ISO/IEC 27001 certification confirms. That’s why it’s our top priority.”
Ralf Hundhammer, CTO Thinkproject
Information Security: Highly important for critical infrastructure
Particularly in the geopolitical context, information security in the construction industry is becoming increasingly important. This is especially true for critical infrastructures (KRITIS). “Especially in this area, data is often extremely sensitive and therefore worth protecting – think of details of possible weak points or deficiencies at critical points such as airports, tunnels and bridges,” says Dr. Ralf Hundhammer.
“If such information falls into the wrong hands, it could have serious consequences.” In addition, large critical infrastructure customers, such as companies in the energy supply or power plant construction sectors, place high demands on their subcontractors. These must verifiably meet the ISO 27001 standards and be certified accordingly. This applies not only to the companies themselves, but also to the SaaS solutions offered. In these cases, compliance with these standards is even legally mandatory.
Growing customer demands
Despite the large number of points requested, there were only a few indications of opportunities for improvement. TÜV Rheinland particularly noted the KPI system that Thinkproject uses to continuously evaluate its information security internally. “We owe this excellent result to our well-rehearsed team, the intensive preparations before the audit and our well-functioning processes, which are based on our many years of expertise and experience,” sums up the CTO.
“After all, we carried out the first certification over a decade ago and know the processes very well. A special thank you therefore goes to the employees of all locations and departments who worked hand in hand and made this success possible through their joint, committed efforts.”
Growing customer demands
Despite the large number of points requested, there were only a few indications of opportunities for improvement. TÜV Rheinland particularly noted the KPI system that Thinkproject uses to continuously evaluate its information security internally. “We owe this excellent result to our well-rehearsed team, the intensive preparations before the audit and our well-functioning processes, which are based on our many years of expertise and experience,” sums up the CTO.
“After all, we carried out the first certification over a decade ago and know the processes very well. A special thank you therefore goes to the employees of all locations and departments who worked hand in hand and made this success possible through their joint, committed efforts.“