ISO/IEC 27001 certification

stepping stone AG has been certified according to ISO/IEC 27001:2013 since October 2019.

The ISO/IEC 27001 standard relates to information security management and sets requirements for an information security management system (ISMS).

To ensure that the processes of stepping stone AG continue to apply to the ISO/IEC 27001:2013 standard in the future, regular reviews and recertification audits take place.

What is ISO/IEC 27001?

The ISO/IEC 27001 certification guarantees the use of the information security management system (ISMS). In addition to the one-time certification, an external audit takes place every year and a recertification every third year.

As our customer, you can be sure that the security of your data and the availability of your systems are at the forefront of our work.

For ISO/IEC 27001 certification attests that the certified company operates an information security management system, ISMS for short. An ISMS is a systematic approach for the management of sensitive company information. It encompasses people, processes and IT systems using a risk management process. This ISMS serves as the centre for everything related to IT security and is continuously monitored, maintained and improved.

Furthermore, the standard includes the identification and assessment of risks as well as the definition, development, implementation and monitoring of appropriate measures to minimise these risks in the area of application.

Information security is built on the three pillars of confidentiality, integrity and availability.

Why do we rely on ISO/IEC 27001?

Information security is an important quality of our services.

With the ISO/IEC certification we commit to our customers the use of an information security management system (ISMS) with regular review of risks and processes.

The guidelines of the information security management system (ISMS) apply to all employees of stepping stone AG, to all third parties who carry out tasks or perform services for stepping stone AG and to all customers or visitors of stepping stone AG.

With the ISO/IEC 27001 certification, the stepping stone AG team wants to guarantee that our processes comply with international standards.

Contact us

For questions about the implementation of information security measures, contact the information security officer (ciso(at)

We will be happy to explain you in more detail how also your business can benefit from the certification.