Maddalena Spa has renewed the certification of its ISMS according to the ISO 27001 standard. This year, the certification renewal audit was even more demanding due to the number and type of inspections required. Inspections to which we were able to respond well thanks to an adequate preparation of the employees and of the whole company, also with the careful use of very effective safety technologies.
Our company represents one of the rare realities in the industrial world that has decided to pursue this certification. “The ISO 27001 certification is an addition to the others that the Company has achieved over the years with the aim of reaping real benefits from the adoption of codified management systems such as the Integrated Certification of the Quality and Environmental Management Systems, in compliance with the ISO 9001 and ISO 14001 Standards, to which compliance with the ISO 45001 Standard will be integrated by June 2021 (Accreditation of the Calibration Laboratory in accordance with the ISO 17025 Standard, Code of Ethics in accordance with Legislative Decree 231) and the upcoming SA 8000, to be added to the Integrated Sustainability Report 2020.” Says Emanuele Ferrari, Quality Assurance Manager.
The current times, in terms of IT security, are already a good reason why a company should embrace a rigorous management system of their ISMS. It is also necessary to consider the vision that a company must have of its information systems. “As I always repeat – comments Alessandro Franchi, EDP Manager of Maddalena Spa – there are companies for which systems are considered only a mere “cost”; others, at the opposite extreme, for which systems are a precious source of competitive advantage and an important tool in the generation of value. They are not right or wrong «a priori» visions. The real mistake is adopting the wrong model for one’s own context ”.
In a complex economic environment, evolutionary paradigms justify both approaches, depending on the competitive model adopted. When a new dominant paradigm emerges, the one that “existed before” is not eliminated but continues to exist, albeit to a lesser extent, in a global context that inexorably increases in complexity. We are therefore not surprised to still find “old-fashioned” industrial companies or “IT-less” artisan companies in the mid of hyper-automated and connected companies, no matter what the size is.
In these years of maturation of ISO 27001 in the company, we can confirm that the conscious adoption of codified management systems helps the organization in contributing to adequate support of its processes and the generation of corporate value, obviously if they are properly implemented. For us it has become a real IT management tool, the benefits of which have emerged from the very beginning, at the time of preparation for the first certification.