When it comes to data privacy, regulatory compliance processes, and information security, our customers, users, and partners in HR and L&D have high expectations. Meeting these requirements is one of our most important concerns.
We recently had Speexx audited for compliance with Directive (EU) 2016/97, AZAV in Germany and Qualiopi in France, ISO 27001, ISO 9001, and PCI-DSS for our server housing, and the ISO9001:2015 certification. Now, we have taken a similar step forward with our information security and GDPR compliance with the TISAX® certification.
Speexx and the TISAX certification
The European automotive industry relies on trust to develop, build and operate cars and vehicles. As a safe foundation, carmakers and their suppliers use the Trusted Information Security Assessment Exchange (TISAX) to provide an aligned information security assessment. TÜV Rheinland, an independent accredited auditor, now completed the TISAX assessment of Speexx and our parent company, digital publishing AG, in March 2021.
The TISAX certification is based on the international ISO/IEC 27001 and 27002 standards adapted to the automotive industry. In 2017, it was updated to include controls for the use of cloud services like Speexx.
“We are proud to be the first global digital learning platform to achieve the TISAX participant status. This international standard clearly supports our strategy to provide large-scale infrastructure and digital learning services to our enterprise customers worldwide,” says Felix Frankenberger, Data Protection Officer of Speexx.” As organizations lean more on cloud-based technology – with so much of the workforce only accessible online now and not in a physical office – security and privacy will be an even more significant concern for business and the IT organizations that support them.”
Why Certification Matters
It’s not enough to be aware of existing compliance regulations, laws, or standards. In this post-pandemic world and age of accelerated digitalization, being able to point to accreditations like the TISAX certification sets an organization above the rest of its peers.
With most of the world working remotely or in hybrid mode, certifications for processes, IT standards, and cloud services are even more critical. Without being face-to-face with a colleague, client, potential employee, or service provider, we need other ways to identify security issues or lack of compliance.
Whether these corporate capabilities pertain to security, privacy, or compliance, there’s no doubt: When all business is being conducted from home or hybrid, certifications will help all organizations better assess and judge providers of digital services and their processes—especially those in regulations-based industries. To be safe, organizations need to screen their digital service providers for appropriate security measures, accreditation, and certifications.