Written by Carolin Kaulfersch on March 27, 2026

ISO certification at Eye-Able

News
For us, ISO certification is not a box-ticking exercise. It reflects how we organise and implement quality, information security, and cloud security in our day-to-day work. With our latest certification, we have deliberately expanded and further developed our system.

New ISO certifications 27017 and 27018What exactly has been certified 

We now operate an integrated management system that combines the requirements of four standards: 

  • DIN EN ISO 9001 – Quality management 

  • DIN EN ISO/IEC 27001 – Information security management

  • DIN EN ISO/IEC 27017 – Information security for cloud services

  • DIN EN ISO/IEC 27018 – Protection of personal data in cloud environments 

Rather than managing individual certifications in isolation, we have consciously chosen a unified system. 

As a SaaS provider, it was particularly important for us to embed cloud security structurally – not merely as an add-on to information security. 

Standards 27017 and 27018 provide clarity here: 
They define responsibilities between provider and customer and set out clear guidelines for handling personal data in the cloud. 

How the audit process was carried out 

The certification process took place over several months and was structured in three consecutive phases. BSI Group assessed different aspects in detail: 

  • September 2025: Foundations of the integrated management system – processes, documentation, key roles, and responsibilities

  • December 2025: Infrastructure, operations, and interfaces with our key services and suppliers

  • January–March 2026: Effectiveness in day-to-day operations – do risk management, incident response, and continuous improvement actually work in practice? 

What this means for our customers 

The certification brings tangible benefits for working with our customers and partners: 

Quality, information security, cloud security, and data protection are combined within one system 
Measures are not only documented but externally verified 
Requirements can be aligned based on clearly defined standards 

This makes coordination significantly easier for many organisations – particularly with IT, data protection, and legal teams. 

Especially in regulated industries or the public sector, this reduces effort considerably: 
Many requirements can be addressed directly based on the certifications, rather than being developed from scratch. 

What comes next 

Certification does not mean the work is done. 
What matters now is whether processes, responsibilities, and measures hold up in everyday practice – for example in product development, collaboration with service providers, or incident handling. 

That is exactly what we continue to focus on. 

Digital accessibility decides whether customers can shop at all. Check your website’s accessibility now – and reduce legal risk before it becomes a problem.

Check your website
Filter

Filter by category

Confirm your selection with the button at the end of the list after choosing the categories.

Reset filters

WCAG compliance levels: Understanding A, AA and AAA

Read story

WCAG 2.2: What applies now & what’s coming with WCAG 3.0

Read story

Accessibility test: How to check your website properly

Read story

WCAG and accessible design – How to apply it in practice

Read story

BFSG: Who is affected?

Read story

How to create accessible PDFs: Simple & legally compliant

Read story
aria label written in a black box in the center, below on the right-hand side is a white arrow.

aria-label in HTML: How to use it correctly

Read story

What Makes a Website Truly Accessible: 5 Concrete Actions

Read story

Gruppo Végé & Eye-Able

Read story

How to make your online shop accessible: requirements, advantages, and implementation tips

Read story

Checklist: Accessible web design for your website

Read story

You need more information?

Contact us and we will be happy to help you.

Contact Arrange appointment
A man and a woman look at a monitor and laugh