17. Okt 2018
Helaba awarded ISO 27001 certification in cash management
„We are delighted to be able to present Helaba with this certification. This makes it the first Landesbank in Germany to have certified information security and demonstrates how much the importance of digital security has increased in recent years.“
Director of TÜV Hessen
With its ISO 27001 certification, TÜV Hessen certifies that Helaba's Information Security Management System (ISMS) meets the most stringent requirements and confirms that data is handled securely and confidentially. “We are delighted to be able to present Helaba with this certification,” says Erwin Blumenauer. “This makes it the first Landesbank in Germany to have certified information security and demonstrates how much the importance of digital security has increased in recent years. Therefore, in addition to our classic services, TÜV Hessen offers a range of solutions in the field of cyber and information security, which we bundle in a separate business unit - such as data protection checks or continuous cyber-attack monitoring on a platform basis.”
In addition, the certification supports the bank in fulfilling the statutory provisions of the Minimum Requirements for Risk Management (MaRisk). “MaRisk implicitly requires every credit institution to implement effective ISMS and ISO 27001 is the standard which these regulations refer to. With this certification, we are even going one step further than required by supervisory authorities,” explains Markus Jörg.
Christoph Bernius adds: “Furthermore, the systems of the Cash Management unit with their high volume of transactions are subject to the provisions of the IT Security Act. Helaba must therefore demonstrate every two years that it is adequately implementing state-of-the-art technology to protect the systems concerned. For this reason, Helaba decided back in 2016 to bring its ISMS into line with ISO 27001.”
As part of the certification process, the ISMS was subjected to various tests by auditors from TÜV Hessen: From the awareness and competence of employees and management to physical and environmental security such as data centre protection and supplier management. “With the successfully completed certification, Helaba is the first credit institution to provide documented proof that the requirements for information security in cash management have been met at its Offenbach, Dusseldorf, Erfurt and Berlin offices and that measures to protect information have been implemented throughout the organisation,” confirms Elmar Stark, Head of the Information Security Team at TÜV Hessen.