Arburg has renewed its certification to the internationally recognised DIN ISO/IEC 27001 standard, confirming the ongoing effectiveness of its information security management system within Global IT & Digital Services. The company’s initial certification in March 2023 was followed by continuous updates and adaptations to meet stringent information security requirements, culminating in the presentation of the recertification certificate in September. ISO 27001 provides a structured framework of procedures, guidelines and directives for managing risks and protecting information, which customers, partners and suppliers increasingly expect. The certification covers the company’s operations from its Lossburg headquarters to 35 locations in 25 countries and is supported by a cycle of recertification activities. These include an annual, detailed risk assessment of all IT services with outcomes integrated into Arburg’s opportunity management protocol, internal audits, management assessments and monitoring audits conducted by TÜV Süd. The approach is designed to prevent unauthorised access and the leakage of sensitive data through documented and continually improved processes.
Recertification process and governance
Arburg reports that the recertification process validates the company’s prioritisation of information security and the structured governance backing its ISMS. According to Steffen Kroner, Managing Director Finance, Controlling, IT, Human Resource Management, the successful outcome reflects continuous improvement and team expertise. “As it shows that IT security is a top priority for us and that we are constantly working on making this area more efficient, and that this is being done by a comprehensively qualified team of experts. Our information security procedures are not only reliably documented, but we are also constantly working to improve them in order to continuously strengthen our IT resilience”.
Threat landscape and implications for customers
Arburg states that it is maintaining and further expanding IT security measures in response to the evolving threat landscape. Stephan Reich, Vice President Global IT & Digital Services, said: “At times like these, we face new challenges every day arising from increasing complexity of cyber threats, particularly through the use of GenAI and the spread of identity theft and ransomware. As a company, we must constantly anticipate and implement the latest countermeasures in order to ward off these threats effectively. In addition to the ongoing training of our employees, the alignment of IT in accordance with ISO 27001 is also an important step in ensuring that we are always 'up to date' in the field of IT security”. Arburg notes that this expertise is integrated into its digital products, including the arburgXworld customer portal and the ALS host computer system, to support secure use of the company’s solutions.
Arburg successfully recertified to ISO 27001: Steffen Kroner (right), Managing Director Finance, Controlling, IT, Human Resources Management and Stephan Reich (left), Vice President Global IT & Digital Services with his certification team Björn Burkhardt,
