amjs澳金沙门(中国)有限公司

New accreditation for the internationally active certification body Quality Austria: The company with more than 10,000 customers in almost 30 countries has been certified as having the professional competence to certify organizations in the field of ISO/IEC 27001:2022 (information security).

国际认证机构Quality Austria的新认证:该公司在近30个国家拥有10,000多家客户，已被认证为具有认证ISO/IEC 27001:2022(信息安全)领域的专业能力。

Certifications according to the international information security standard ISO/IEC 27001 are on the rise. Since 2018, the number of certificates issued worldwide has more than doubled from just under 32,000 to around 72,000. As the ISO Survey 2022 shows, this puts ISO/IEC 27001 in fourth place among certifiable standards.

符合国际信息安全标准ISO/IEC 27001的认证正在上升。自2018年以来，全球颁发的amjs澳金沙门数量增加了一倍多，从不到3.2万张增加到约7.2万张。正如2022年ISO调查所显示的那样，这使ISO/IEC 27001在可认证标准中排名第四。

Christoph Mondl, CEO of Quality Austria, comments:

"We are convinced that the need for and relevance of information security will continue to increase significantly in the next few years. In order to support our customers professionally and competently in this context, we will continue to expand our offer in this area."

Quality Austria首席执行官Christoph Mondl评论道：“我们相信，在未来几年，信息安全的需求和重要性会继续显著增加。为了在这方面为我们的客户提供专业和有效的支持，我们将继续扩大我们在这一领域的服务。”

Certificates as a door opener for business

Quality Austria has now received the accreditation notice from Accreditation Austria as the competent body of the Federal Ministry of Labour and Economy. In the future, Quality Austria will therefore also be authorized to carry out certifications according to ISO/IEC 27001:2022 and to issue the internationally recognized certificates. "Every media report about a virus attack or about image-damaging data losses further strengthens the organizations' need for security. The certificates are also demanded by more and more companies on the part of their business partners and serve as a door opener for new orders," explains Mondl.

amjs澳金沙门作为企业的敲门砖

Quality Austria现已收到奥地利认证委员会作为联邦劳动和经济部主管机构发出的认证通知。因此，在未来，Quality Austria也将被授权ISO/IEC 27001:2022认证，并颁发国际认可的amjs澳金沙门。Mondl解释道“每一篇关于病毒攻击或图像损坏数据丢失的媒体报道都进一步加强了企业对安全的需求。越来越多的公司也要求其商业合作伙伴提供amjs澳金沙门，并作为新订单的敲门砖。”。

ISO/IEC 27001 specifies the requirements for establishing, implementing, monitoring, maintaining, improving and operating an information security management system, taking into account the individual risks.  So far, Quality Austria had carried out combination audits according to ISO/IEC 27001 and ISO 20000 (IT service management) via its subsidiary CIS - Certification & Information Security Services GmbH, which had already been accredited.

ISO/IEC 27001规定了建立、实施、监控、维护、改进和运行信息安全管理体系的要求，同时考虑到个别风险。到目前为止，Quality Austria已通过其子公司CIS - Certification & Information Security Services GmbH根据ISO/IEC 27001和ISO 20000 (IT服务管理)进行了审核，该公司已获得认证。

First revision of the standard in ten years

There is also an important innovation in the standard itself. As the previously used designation ISO/IEC 27001:2013 suggests, the revision of the standard, which was published in 2005, took place in 2013, and the now valid ISO/IEC 27001:2022 standard was published in October 2022. "The revised standard replaces the 2013 requirements, with a 36-month transition period for affected organizations. Already certified organizations can switch to the new standard as part of surveillance and recertification audits or by October 2025 at the latest. Initial certifications are already carried out exclusively in accordance with ISO/IEC 27001:2022," explains Mondl. ISO/IEC 27001:2022 is also based on the high-level structure familiar from other ISO standards. Because it has the same systematic structure as, for example, ISO 9001, ISO 14001 or ISO 45001, management systems according to ISO/IEC 27001:2022 can be integrated very well into existing systems and synergies can thus be used quickly and efficiently.

该标准十年来首次修订

标准本身也有一个重要的创新。正如之前使用的名称ISO/IEC 27001:2013所示，2005年发布的标准修订于2013年，现在有效的ISO/IEC 27001:2022标准于2022年10月发布。Mondl解释道：“修订后的标准取代了2013年的要求，受影响的企业有36个月的过渡期。作为监督和重新认证审核的一部分，已经获得认证的企业最迟可以在2025年10月前改用新标准。初始审核已经完全按照ISO/IEC 27001:2022进行。”。ISO/IEC 27001:2022也是基于其他ISO标准所熟悉的高层结构。由于它具有与ISO 9001, ISO 14001或ISO 45001相同的体系结构，因此根据ISO/IEC 27001:2022的管理体系可以很好地集成到现有体系中，从而可以快速有效地利用协同效应。