Based on our certifications we guarantee that we focus our efforts on various initiatives within the fields of quality and safety which are important to you as our customer.

ISO/IEC 27001:2022 certified

IT Relation’s work is performed in accordance with the Information Security Management System for the ISO/IEC 27001:2022 standard.

What is the ISO 27001 certificate?

In connection with the latest re-certification, IT Relation has switched from ISO/IEC 27001:2013 to ISO/IEC 27001:2022, and is now one of the first companies in the world certified according to the new standard. 

The ISO 27001 is an international and independent standard for information security according to which demands regarding organisation, responsibility, implementation, maintenance, and continuous improvements of information security have to be met.

IT Relation has implemented the ISO 27001 throughout our entire organisation and data centres. Among other things, we continuously perform risk assessments and regular intern audits in order to guarantee the efficiency of our management system and our procedures.

See the certificate

ISAE 3402 certified, type 2

Impartial guarantee of information security of your IT operations.

We have an ISAE 3402 Audit Statement. It is a professional validation that demonstrates and guarantees that we have control of our operation, self-checking, security, expertise, procedures and finances.

Annual independent control

The certification involves testing the controls indicated by the statement. A control which has to be carried out every year by an independent Chartered Accountant whose area of specialisation is IT audit.

The Chartered Accountant performs an annual audit and completes the statement afterwards. During the audit of our data centre the auditor goes through our network, monitoring, protection against fire, water, power cut, access security and backup among other things.

You can see our latest statement here: Audit Report 2022

This was prepared in January 2023 and is a type 2 statement, which is prepared for the period January 1, 2022 to December 31, 2022. The next version, which covers the period January 1, 2023 to December 31, 2023, is expected to be available in early February 2024.

Other reports

ISAE 3000 certified

An independent auditing company makes an audit report for IT Relation in accordance with the ISAE-3000 standard. The report is your guarantee that we have procedures and monitoring in place that protect personal data and that we process our personally identifiable data in accordance with the data processing agreement.

You can find our report here

This is a type II report that covers the period from 1 January 2022 to 31 December 2022.

Part of the SKI framework agreement 02.22 IT operating capacity

IT Relation is part of the latest SKI framework agreement 02.22 IT operating capacity for the public sector. The aim of the framework agreement 02.22 is to deliver IT operating capacity to public institutions as well as to give them the possibility of buying end-user devices as-a-service. The framework agreement lasts four years and includes approx. 1300 public customers. 

You can read more about the SKI framework agreement 02.22 here: See agreement

IT Relation is part of the partial agreement 01: IT operations

IT Relation is part of the SKI framework agreement 02.22, partial agreement 01: IT operations. Therefore, public institutions can enter into framework agreements with IT Relation within the following fields:

Platform services

  • Application operation
  • Server operation
  • Managed public cloud
  • Virtual desktop as-a-service
  • Mail as-a-service
  • Database as-a-service
  • Backup as-a-service

Network services

  • Managed LAN
  • Firewall as-a-service
  • VPN as-a-service
  • WIFI as-a-service
  • Supplementary services: Transition, Level support and Consulting services

Infrastructural services

  • Server as-a-service
  • Virtualisation as-a-service
  • Storage capacity

End-user devices

  • End-user devices as-a-service
  • Managed end-user devices (devices belonging to the supplier or the customer)
  • Mobile device management