nic.at GmbH, its daughter company CERT.at GmbH, as well as its sister companies ipcom GmbH and tldbox GmbH have been certified according to the leading international standard for information security ISO 27001 since 2014. The validity of this CIS certificate is maintained through annual surveillance audits and three-year renewal audits, which nic.at successfully achieved in June 2022 and thus received re-certification. The certificates can be viewed directly at the certification body CIS Certification & Information Security Services GmbH.

ISO 27001 is the leading international standard that indicates how information security can be guaranteed in a company. Following the initial certification of nic.at GmbH in 2014, regular audits have been carried out to check, among other things, transparency in processes, systematic risk and business continuity management, and information security. We are proud to have successfully passed the re-certification following an audit lasting several days, in addition to our sister companies ipcom GmbH and tldbox GmbH.

ISO 27001 is the leading international standard that describes how information security in a company can be ensured. Following the first certification of nic.at GmbH in 2014, regular audits check procedures, systematic risk and business continuity management and information security for transparency and other factors. We are proud that we, our subsidiary ipcom GmbH  and our sister company tldbox GmbH have successfully achieved re-certification in the context of multiple-day audits.

After a one-year preparatory period, in which many processes were closely investigated and optimised, nic.at was officially awarded the ISO 27001 certificate. On 18 February 2014, the auditors of the CIS company confirmed the application and further development of an effective Information Security Management System in accordance with ISO 27001:2013. nic.at subsidiary ipcom GmbH and sister company tldbox GmbH were also certified. The considerable benefits of an ISO 27001 certification are the systematic and risk-based integration of information security into the company's relevant business processes. This serves to ensure and improve the availability, integrity, and confidentiality of the IT systems.