A certification objectively pays lip service to a company – namely, compliance with national and international standards and procedures in the respective field as well as continuous improvement of its own processes. A certificate is the result of a successful assessment by an independent third party, for example a certification body such as TÜV AUSTRIA. For companies, it brings considerable market advantages – in terms of trust. However, certification is not a one-time, completed act, but a continuous development process that includes regular follow-up assessments, as shown by the example of the trust service provider SwissSign, which was recently recertified by TÜV TRUST IT.
Trust must be earned
The company accompanies people and companies into a digital future with trustworthy identities for secure e-business processes. Cornerstones are identity services as well as certificate services that enable secure and easy access to the online world. A regular audit by TÜV TRUST IT could objectively prove the confidential handling of sensitive data according to the required standards.
Symbiosis of testing institute and trust service provider
TÜV TRUST IT and SwissSign have been mastering technical and legal requirements together since 2018. “We accompany SwissSign right from the product development phase and get involved from the very beginning so that new services can be set up in compliance with standards,” says Clemens Wanko, Head of Trust Infrastructure at TÜV TRUST IT, explaining the cooperation. “This is cost-efficient and saves an enormous amount of time. Because as soon as the product development is completed, we are not only compliant with the legal requirements, but already ready for certification. With the certification of TÜV AUSTRIA, we prove our high security standard for all to see and understand,” adds Michael Günther, Chief Information Security Officer of SwissSign.
Certification in 3, 2, 1,…
Certificates, as the result of a successfully completed auditing process, confirm a currently valid status. The majority of certificates are valid for two or three years – depending on the respective standards as a basis – and are checked annually by a surveillance audit. A recertification audit is carried out in good time before a certificate expires in order to maintain its validity.