For CANCOM, working together with customers and partners in a spirit of trust is a top priority. This is why we optimize our processes and internal workflows every day. With our certifications according to ISO standards, we guarantee the highest level of quality and security and accompany your company with competence through the digital transformation.
The CANCOM Group and its subsidiaries operate at more than 40 locations. Group-wide certifications ensure overarching standards. Companies acquired by the CANCOM Group are integrated into the existing certifications after a transition phase. All certifications are reviewed internally and externally during annual audits.
ISO / IEC 27001
The 27001 standard for Information Security Management Systems (ISMS) aims to ensure that all confidential data is protected, the integrity of operational data is maintained, and data is available at all times. Through our years of experience in the field of security, we know how important it is to handle information conscientiously in order to maintain business operations. Therefore, for us, our own ISMS is the necessary basis for a successful day-to-day business.
ISO 27005 & ISO 31000
Risks such as reputational or brand damage and cybercrime are increasingly feared by organizations of all kinds around the world. As a preventive measure, our data centers are equipped so that performance can be maintained in the event of damage, through our automated high-availability architecture in conjunction with our multi-data center concept. Our ISO 27005 and ISO 31000 certified risk management system enables us to identify risks at an early stage and proactively implement appropriate countermeasures where necessary. Risk management covers business, technical and organizational aspects.
Cloud environments have become a central component of our internal implementations as well as our service provision in recent years. To manage and secure these cloud environments demonstrably, and to be able to show independent verification, we have been certified to ISO 27017. This standard is a security standard developed for cloud service providers and users to create a more secure cloud-based environment and secure it against cybercrime scenarios.
Cloud Data Protection
The ISO 27018 standard specifies data protection requirements for cloud service providers and formulates monitoring mechanisms and guidelines for implementing measures to ensure the protection of personal data in the cloud. With our ISO 27018 certificate, we ensure that the requirements of the General Data Protection Regulation are also met in cloud environments.
ISO/IEC 27701 is an extension of ISO/IEC 27001 to include the aspect of data protection. This standard adds additional requirements to the information security management system (ISMS). Accordingly, a data protection information management system (PIMS) has been set up and implemented in the CANCOM Group. The standard defines role profiles for those responsible and those entrusted with processing personal data in order to manage data protection controls.
Business Continuity Management
Since the beginning of 2019, the CANCOM Group has been certified in accordance with the business continuity standard ISO 22313. The risks evaluated on the basis of risk management are subjected to an analysis in Business Continuity Management. As part of this analysis, proactive and reactive measures are developed and established in order to be able to respond in a timely manner to, for example, business interruptions of any origin. The standard specifies the requirements for the implementation, operation, monitoring and continuous improvement of a documented continuity management system.
With the ISO 50001 energy management system, companies improve their energy-related performance, increase energy efficiency and optimize energy use. Environmental protection is a matter close to our hearts and so we also want to contribute to reducing CO2 emissions. This includes the responsible use of resources. In this way, we continuously reduce our energy consumption and increase our energy efficiency at the same time.
Compliance Management System
The ISO 37301 standard certifies the CANCOM Group’s compliance management system. The successful certification confirms that CANCOM relies on honesty and compliance for the success of the company, and that the monitoring of compliance with all relevant laws and internal guidelines is laid down in reliable processes and implemented effectively. The Compliance Management System is constantly being further developed to ensure that the confidence of employees and business partners of the CANCOM Group in correct and reliable corporate governance is always met.
To be able to respond optimally to the requirements of our customers, several companies in the CANCOM Group hold additional certifications.
For many years, CANCOM has relied on a quality management system in accordance with DIN EN ISO 9001, which is consistently developed further. The quality management system gives us the opportunity to continuously review and improve processes. Following on from this, we can increase customer satisfaction and ensure sustainable organizational development in line with the market. Since 30.03.2017 the certification has been based on the updated standard revision 9001:2015.
ISO 14001 is a recognized basis for environmental management systems and covers all aspects for continuous improvement of environmental performance. The standard defines the establishment, implementation, maintenance, and continuous improvement of the environmental management system. Certification helps CANCOM to promote environmental protection, reduce environmental impacts, and achieve its environmental goals.
EN 50600 – European standard for data centers
EN 50600 is the first pan-European standard that takes a holistic approach to comprehensive specifications for planning and operating a data center. CANCOM guarantees high availability by designing with redundant components on the basis of multiple supply paths. In addition, our CANCOM data center in Hamburg is the first existing data center in the world to be officially certified to EN 50600 AC 3.
ISAE 3402 Type II
Internal control system
The European counterpart to the SOC II Report is the ISAE 3402 Type II Report. This international auditing standard audits an internal control system based on the COBIT framework. The audit and reporting are carried out by an auditor, which guarantees not only the independence of the audit results but also the auditor’s liability. A Type II report tests the effectiveness of controls over a period of 12 months and is also audited annually (similar to ISO certifications).
Corporate Health Management
BG Management refers to corporate health management and applies to all German companies in the CANCOM Group. It serves as a holistic approach to promoting the health and well-being of employees. BG Management aims to improve working conditions, minimize health risks, and promote the health of the workforce. This includes measures such as prevention of occupational accidents, ergonomics in the workplace, stress management, health promotion and much more.
Health and Safety Management Systems
ISO 45001 is an internationally recognized standard for occupational health and safety management systems and applies to all German companies in the CANCOM Group. By implementing this standard, CANCOM fulfills its commitment to occupational health and safety, thereby increasing productivity and strengthening the trust of its stakeholders. The standard is designed to help organizations establish an effective system for ensuring the health and safety of their employees in the workplace. The ISO 45001 system enables companies to identify, assess and minimize risks in order to prevent accidents and health problems.
The AEO (Authorized Economic Operator) was introduced by the World Customs Organization in order to jointly ensure the security of the international supply chain. The status certifies the reliability and trustworthiness of certified companies and allows them to benefit from a simplification of the customs procedure. As AEO, we guarantee the fulfillment of the following criteria: compliance with customs and tax regulations, satisfactory accounting system, solvency, security standards, practical and professional competence. In this way, we also want to contribute to making global trade easier and safer.