Since the current cyber threat landscape requires a solid yet flexible cyber resilience strategy, it is especially important to know that the company you are working with has a robust Information Security Management System (ISMS). This is because an ISO 27001 certified business can benefit its customers, partners, and shareholders by reducing risks. Wärtsilä’s commitment to securely managing customers’ information assets in business-critical applications is now evidenced by the achievement of ISO 27001 certification for its ISMS.
An information security certification demonstrates not only the current situation – but also that there is continuous development. The ISO 27001 certification is not only a reward for a single accomplishment but a recognition of the ongoing and comprehensive dedication to security compliance and constant improvement.
The certification is an an important milestone for us and our customers in the Marine and Energy industries and a strong testament to our work with cyber resilience and information security, avoiding risks for customers, partners, and shareholders.
Our future proof ISMS can be adapted and extended to meet new requirements, regulations, or changes in the operating environment. It protects the confidentiality, integrity, and availability of sensitive information. Risks related to information security are identified, assessed, and appropriately mitigated to securely manage business-critical applications and our customers’ information assets.
“We are now navigating the seas of data security with ISO 27001 certification on board. Our commitment to safeguarding Marine and Energy customers’ information is not just wind in our sails; it is the very compass guiding our cyber resilience journey. Powered by this additional certification, we are not just protecting your information. We are lighting the way for a brighter more secure future together,” says Mark Milford, Vice President Cyber Security.
Defining the right ISMS scope is always going to be key. A wide scope that covers most activities and assets is balanced against feasibility, cost, and time of implementing an ISMS across an entire organisation. The scope determines which parts of the organisation, processes, and systems are covered by the ISMS and subject to the ISO 27001 requirements.
Our solution was an ISMS wider than the first-year certification scope that covers the company wide information security governance framework, and critical centrally managed applications. The current certification scope is a starting point and will allow us to expand the coverage of the ISMS during coming years.
The ISMS implementation was a cross-collaboration effort across the organization. Building on our solid information security practices, the certification process has allowed us to further improve from there. Internally, we have improved our information security awareness, culture, and practices.
For our customers and stakeholders, this is a third-party seal of approval as a dependable and reliable partner.