At the end of March, DENIC’s integrated management system for information security (ISMS) and business continuity (BCMS) was thoroughly reviewed by colleagues from Switch and nic.at as part of an internal audit. Are the guidelines, processes, and measures still adequate to ensure DENIC’s information security, and can business continuity be guaranteed even in the event of a security crisis? This was the focus of the internal audit.
In addition, the group of experts had time for a deeper technical dive into the individual points than is possible during external audits. There were challenging discussions on current topics such as the opportunities and risks associated with AI and multi-agent systems, as well as their potential applications in the field of information security, and the expanded compliance requirements in Germany resulting from the NIS 2 Directive.
The excellent news: Once again, this year’s internal audit at DENIC revealed no deficiencies. The recommendations for further improvement help to continuously optimize the management system.
Mutual internal audits within the DACH group take place regularly at DENIC, Switch, and nic.at. “We greatly value the exchange within this expert group,” says the Information Security team at DENIC.
Regular internal audits are part of the mandatory requirements of the ISO 27001:2022 standard for Information Security Management Systems (ISMS) and are an important tool for verifying whether an ISMS is functioning as planned.
