:no_upscale():format(png))
Talk to everyone about everything - Inclusive language
Read story Written by Carolin Kaulfersch on March 27, 2026
ISO certification at Eye-Able
News
For us, ISO certification is not a box-ticking exercise. It reflects how we organise and implement quality, information security, and cloud security in our day-to-day work. With our latest certification, we have deliberately expanded and further developed our system.
What exactly has been certified
We now operate an integrated management system that combines the requirements of four standards:
DIN EN ISO 9001 – Quality management
DIN EN ISO/IEC 27001 – Information security management
DIN EN ISO/IEC 27017 – Information security for cloud services
DIN EN ISO/IEC 27018 – Protection of personal data in cloud environments
Rather than managing individual certifications in isolation, we have consciously chosen a unified system.
As a SaaS provider, it was particularly important for us to embed cloud security structurally – not merely as an add-on to information security.
Standards 27017 and 27018 provide clarity here:
They define responsibilities between provider and customer and set out clear guidelines for handling personal data in the cloud.
How the audit process was carried out
The certification process took place over several months and was structured in three consecutive phases. BSI Group assessed different aspects in detail:
September 2025: Foundations of the integrated management system – processes, documentation, key roles, and responsibilities
December 2025: Infrastructure, operations, and interfaces with our key services and suppliers
January–March 2026: Effectiveness in day-to-day operations – do risk management, incident response, and continuous improvement actually work in practice?
What this means for our customers
The certification brings tangible benefits for working with our customers and partners:
Quality, information security, cloud security, and data protection are combined within one system
Measures are not only documented but externally verified
Requirements can be aligned based on clearly defined standards
This makes coordination significantly easier for many organisations – particularly with IT, data protection, and legal teams.
Especially in regulated industries or the public sector, this reduces effort considerably:
Many requirements can be addressed directly based on the certifications, rather than being developed from scratch.
What comes next
Certification does not mean the work is done.
What matters now is whether processes, responsibilities, and measures hold up in everyday practice – for example in product development, collaboration with service providers, or incident handling.
That is exactly what we continue to focus on.
Digital accessibility decides whether customers can shop at all. Check your website’s accessibility now – and reduce legal risk before it becomes a problem.
Filter
:no_upscale():format(png))
Game over without inclusion: accessibility in video games
Read story:no_upscale():format(png))
Report Update: Spelling and grammar check
Read story:no_upscale():format(png))
Open your eyes in web design! - Color blindness on the Internet
Read story:no_upscale():format(png))
Celebrate barrier-free: About inclusive events
Read storyEye-Able® is featured in the new "StartUPdate" magazine!
Read storyMore than just an overlay tool
Read story:no_upscale())
Who does it best? The top 5 most accessible countries worldwide
Read story:no_upscale():format(png))
The most common mistakes in accessible web design
Read story:no_upscale():format(png))
Everything online, everything accessible? - About education and inclusion
Read story:no_upscale():format(png))
20 years of OXID eSales AG - We were there!
Read story:no_upscale():format(png))
City of Bonn for digital accessibility
Read story:no_upscale():format(png))
:no_upscale():format(png))