Xolphin has achieved different certifications that affect the business operation. Read more about the contents of these certifications, or download the certificates here.
ISO/ (IEC) 27001:2013 is the international ISO standard for information security. This standard is a joint effort of the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). The last big revision of this standard was in 2013. The standard describes a process-based approach to map information security risks and to take the right measures to limit the risks within the organisation. By means of a Information Security Management System (ISMS) the information security is captured, maintained, carried out, monitored and improved.
Through the ISMS, the procedures for IT-security are tightened and well captured. The consciousness about information security is increased within the entire organisation. Primary the standard shows the process and the necessary procedures and more limited, the actual technical security. Achieving the certification is quite valuable. By the implementation of the ISO 27001:2013 and the associated ISMS we have a solid base for this moment and the future. It enbables us to keep our information security on a high level.
ISO 9001:2015 is the most used standard for quality control worldwide. The aim of this Quality Management System (QMS) is that the organisation will be focussed to continuous improve and increase the customer satisfaction. Customer Satisfaction is very important for Xolphin.
ISO 9001:2015 is formulated to pay attention to the entire process of translating customer wishes (input) to the final product or service. The entire primary work process is mentioned as well as some secondary processes. These processes support the organisation towards continuous improvement. This could include setting up a development department that improves the user interface but also the Sales and Marketing department, who continuously indicate the customer needs.
Everything is focused on translating input to output, from customer's demand to customers satisfaction. The organisation has to pay attention to control and secure the workload within the organisation. The way you have to fulfil this, depends on the size and complexity of the organisation. ISO 9001:2015 does not exactly determine the way the organisation has to fulfil things, they just determine the standards. Xolphin has defined how she can meet these standards in her QMS.
Xolphin is able to contribute to continuous customer improvement of her products and services in a more structured way, that's of course an advantage.
The WebTrust-program for certificate authorities (CA's) makes sure a CA or RA can follow the Certification Practice Statement (CPS)in a right way, to check organisations and protects certificate keys. After finishing the audit a certification authority can use the WebTrust-seal to show that they have taken all items required for the WebTrust audit. In addition to WebTrust for CAs, there will soon also be a WebTrust seal for RAs. For its role as RA (Registration Authority) for Sectigo, Xolphin has been audited for several years against the WebTrust standards. As soon as the RA seal is available we will also carry it.