A KEY PROJECT FOR MAINTAINING A BUSINESS RELATIONSHIP
SDATAWAY AG collaborated with SPIE ICS AG on an ambitious project to implement an Information Security Management System (ISMS) and achieve ISO 27001 certification. This strategic initiative was undertaken because compliance with information security standards was crucial for maintaining the business relationship with a key client.
THE CHALLENGE
SDATAWAY, a key player in integrating OT/IoT components into their solutions, faced a critical strategic requirement from their main client: the implementation of an Information Security Management System (ISMS) with the objective of achieving ISO 27001 certification. The challenge was even more demanding as the company operated within a security framework that was still under development, and the goal had to be achieved within an ambitious timeframe of just one year.
The primary objective was therefore to ensure compliance with the standards of the ISO 27001 norm while simultaneously guaranteeing the security of development processes and the protection of corporate assets against cyber risks.
GUIDANCE PROJECT
To meet the client’s needs, SPIE ICS assigned a senior consultant specializing in information security and ISO 27001 certification support. The project was carried out under a consultancy agreement in Châtel-St-Denis, in the canton of Fribourg, from November 2024 to November 2025. The support included the clear definition of requirements, implementation of the necessary tools, and the structuring of policies and procedures required by the ISO 27001 standard.
"Our certification is based on a strong partnership with SPIE. Their expertise and support have transformed a complex project into an opportunity for internal development. Thanks to their proactive approach and diligent guidance, our team has gained both competence and independence. We highly recommend SPIE for their outstanding expertise, commitment, and the added value they bring, which extends far beyond their original mission."
Giuseppe Certo
Director SDATAWAY AG
PROJECT TIMELINE
Initial Phase:
• Definition of the project scope
• Identification of specific requirements and organisational needs
Operational Phase:
• Development of required policies, guidelines, and procedures
• Implementation of tailored technical and organisational measures
• User training to ensure optimal acceptance
Validation Phase:
• Conducting a risk analysis
• Performing internal audits to verify compliance
• Final certification audit
This structured and pragmatic approach enabled the ISMS to be swiftly adapted to the ISO standard while adhering to the set timelines.
BENEFITS
• Personalised support by an information security expert
• Development of SDATAWAY’s internal competencies through active employee involvement and strong management support
• Fast and efficient implementation thanks to SPIE ICS’s extensive experience in similar projects
MEASURABLE RESULTS
• Successful ISO 27001 certification before the deadline at the end of 2025
• Fulfillment of requirements to ensure long-term collaboration with the key client
• Complete and operational integration of the ISMS into the organisation
• Strengthening of security measures to protect assets and manage cyber risks
About SDATAWAY
Founded in 2007, SDATAWAY AG originated from a concept aimed at simplifying the management of fire protection systems in the construction sector. The company eventually expanded its activities to include building technology as well as the development of electronics and software products.
After experiencing rapid growth, the company now supports its customers in developing electronics, software, and IoT solutions with a focus on innovation and reliability. With over 40 employees, primarily electronics, software, and mechanical engineers, SDATAWAY AG brings interdisciplinary expertise to the table, spanning from conception to industrialization.
SPIE ICS AG is your independent service partner in Switzerland for solutions in cybersecurity and governance.