Edelweiss Air AG planned to implement an information security management system (ISMS): a set of procedures and rules that serves to permanently define, regulate, control, maintain and continuously improve information security. Adnovum planned and supported the implementation of an ISMS in accordance with ISO / IEC 27002: 2013 and assumed the role of «Security Officer as a Service» (SOaaS).
In addition, Edelweiss Air AG planned to implement technical and organizational measures to meet the new legal requirements (GDPR) to which the airline is subject due to its international activities. Adnovum assumed the role of «Privacy Officer as a Service» (POaaS).
The goal: To introduce an ISMS in order to improve information security and to comply with the requirements of the Lufthansa Group, as well as to implement the new legal requirements (GDPR).
The process: Adnovum Security Consulting supported and advised Edelweiss Air AG on the introduction of an ISMS in accordance with ISO / IEC 27002. In addition, it provided support with technical and organizational measures to meet the GDPR requirements.
The result: Information security and compliance as specified by the Lufthansa Group are constantly being improved, the GDPR requirements are met.