Independent certifications

Certifications in the ISO-270x family are awarded for IT security procedures that guarantee data protection and information security. netfiles has three ISO-270x certifications.

The certification unit of TÜV SÜD Management Service GmbH attests that netfiles GmbH meets all the requirements of ISO/IEC 27001:2013. TÜV SÜD thus affirms that netfiles has introduced and applies a documented information security management system that is valid for the “marketing, operation and support of the netfiles application for virtual project and data rooms”.

This management system also meets the requirements of ISO 27017:2015 (for the implementation of cloud services) and ISO 27018:2014 (for the protection of personal data in public cloud services).

netfiles GmbH’s Business Continuity Management System (BCMS) has been certified by TÜV Rheinland in accordance with ISO 22301:2019. This certification covers specifications for the planning, implementation, monitoring and continuous improvement of a BCMS. Its core elements are the analysis of business processes, the assessment of risks, the development of emergency plans, regular tests and exercises and the involvement of the company management. netfiles’ BCMS makes the company more resilient in the face of disruptions.

netfiles meets the cloud service security requirements defined by Germany’s Federal Office for Information Security (BSI) in its Cloud Computing Compliance Criteria Catalogue (C5). The catalogue of criteria for BSI C5 certification comprises more than 120 security measures in areas such as how information security is organized, physical security and regular operation. Independent auditors have audited netfiles to verify compliance with these criteria in accordance with the ISAE 3000 audit standard.

netfiles GmbH’s compliance with the "Trusted Criteria" for data security and data protection in accordance with the internationally recognized SOC (System and Organization Controls) standard has been successfully audited by an independent auditing firm. The internationally recognized SOC standard is issued by the American Institute of Certified Public Accountants (AICPA), a renowned auditing body.