On 7 November 2017, Joulz Energy Solutions renewed its ISO 27001/27019 certification for Telecom, and widened it for SA and Security.
We now have a 27001/27019 organisational label for all activities we perform in the OT domain on systems belonging to our customers, including all technical preconditions such as engineering laptops as well as organisational preconditions for the HRM, Procurement and Safety, Health, Environment and Quality departments.
In the past year, Joulz made its processes, practices and behaviour cyber-secure, in particular for the Telecom & Complex Security (including the overarching STN 2020 programme), Substation Systems and Grid Automation teams.
Following an intensive audit, our efforts were rewarded when we received the ISO 27001 certificate. This makes us one of the first companies in our industry to obtain the certificate.
Why is this important?
The primary importance of this certification lies in the prevention of incidents. This is imperative in order to be prepared for new EU legislation, for reinforcement of our existing role as a system integrator under STN 2020, and for substation automation and the ongoing professionalization of the way we provide our services. A typical example of the responsibility that we have is how we deal with engineering laptops at Joulz. We connect the laptops to customer systems and use them to make modifications to those systems. The connection established for this purpose obviously poses a cyber‑security risk.
Another example is the construction of SA systems and how we test them in our testing facility. During construction, these systems are the property of Joulz and we are required to use them in a cyber-secure way. Moreover, customers are going to require Joulz to produce cyber-secure designs and be able to demonstrate that. This will be brought into the scope of our operations in 2018.
Thanks to this Joulz certificate, grid operators Stedin and TenneT, as our clients, are able to rely on a Joulz organisation that takes its contribution to ensuring cyber-security very seriously.
How does this benefit our customers?
The demonstrability of cyber security is extremely important. It imposes certain preconditions on how an organisation is structured. Customers will start to require assurance of cyber security and, in the process we are now undertaking, we will make the company ready to meet this requirement. We have also taken steps through this process towards integration of OT and IT. This advance keeps Joulz Energy Solutions at the forefront of secondary engineering, underscoring our importance as a system integrator and strategic partner.
What are the next steps?
We want our organisational label to be in evidence throughout our entire organisation. Therefore, we will widen the scope of the certificate to include various teams within our specialised business units and supply chains.
Published: 10 November 2017