17-10-2019
Following a full audit, International Post Corporation (IPC) is now Certified ISO27001:2013 for the provision of solutions to strengthen e-commerce in cross-border delivery, letter and parcel delivery performance monitoring, as well as the provision of shared platforms and research capabilities. This is the result of intense efforts by all the teams within IPC to meet this challenge. During the audit, no major issues were found.
Holger Winklbauer, IPC CEO, said: “I am very pleased that after two years of intensive work, we are now certified. As the service provider for the global postal sector, we always paid a lot of importance to information security and the ISO27001 certification helped us to reassure on these efforts. However, we know that the continuous improvement of our policies, infrastructure and processes is needed to protect all the information we are tasked to handle”.
Being ISO certified supports IPC’s strategic aim of operational excellence in IT. An increasing number of IPC’s members are also ISO27001 certified and as a service provider, IPC needs to show it is at the same level of excellence. In addition, customers are beginning to demand ISO27001 certification as a condition of contract.
ISO27001 specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organisation. It also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organisation.
Being ISO certified supports IPC’s strategic aim of operational excellence in IT. An increasing number of IPC’s members are also ISO27001 certified and as a service provider, IPC needs to show it is at the same level of excellence. In addition, customers are beginning to demand ISO27001 certification as a condition of contract.
ISO27001 specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organisation. It also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organisation.