Our certifications and regulatory compliance provide you as a customer with the assurance of working with a reliable, verified open-source partner whose processes are sound. Our customers from regulated sectors in particular depend on this compliance, and we work closely with them to continuously improve.
Certifications
ISO 9001:2015
Quality Management System
Quality is not a matter of chance for us, but the result of structured processes. Our ISO 9001:2015 certification guarantees that we continuously optimize our services and support structures for open-source infrastructures. For you, this means maximum reliability, transparent workflows, and a consistently high service level you can depend on.
ISO 27001:2022
Information Security Management
The protection of your data and systems is our top priority. With certification to the latest ISO 27001:2022 standard, we demonstrate that information security and risk management are deeply embedded in our corporate culture. Whether cloud, virtualization, or database operations—we secure your open-source environments according to the highest international standards.
Compliance
DORA
Digital Operational Resilience Act
We are preparing for the requirements and will offer DORA-compliant services for financial institutions under BaFin supervision.
NIS2 / KRITIS
Network and Information Security Directive 2
We are naturally implementing the EU directive for secure IT systems. We are currently working on refining our offering specifically for the stricter requirements for KRITIS organizations.
Do you have questions about our certification and compliance? Do not hesitate to contact us at any time. Your contact person is:
Chief Technology Officer (CTO)
T: +49 2161 9174200
Digital Sovereignty in Focus: Mastering NIS2, DORA, and KRITIS with Open Source
NIS2 Directive: Cyber Resilience Without Foreign Dependencies
The European NIS2 Directive holds not only companies but also their entire IT supply chain accountable. What is required is complete control over IT security. Proprietary software from non-EU countries poses an incalculable risk—through opaque source code and the danger of vendor lock-ins that block rapid security adjustments. Open standards and auditable open-source solutions, on the other hand, offer the maximum transparency that modern compliance audits demand. We support you in establishing your infrastructure independently, securely, and in compliance with NIS2.
DORA: Digital Resilience Through Vendor-Independent Architectures
The Digital Operational Resilience Act (DORA) compels the financial sector to implement strict risk management for IT third-party service providers. Monopolistic dependencies on individual software giants contradict the core principle of resilience. If a closed system fails or licensing models change drastically, financial institutions are often unable to act. Open-source architectures—such as Linux systems or highly available PostgreSQL databases—secure your operational resilience. You retain full control over your software stack, avoid strategic concentration risks, and confidently meet DORA’s ICT third-party requirements.
KRITIS: Maximum Protection Through Digital Sovereignty
Critical infrastructures (KRITIS) are the backbone of our society. Here, digital sovereignty is not an option but a necessity. Dependence on the geopolitical interests of foreign software vendors jeopardizes supply security in emergencies. Only those who know their source code can exclude backdoors and operate and patch systems autonomously in crisis situations. With our extensive experience in enterprise support and targeted hardening of open systems, we ensure that your business-critical KRITIS environments remain permanently protected, highly available, and completely independent.